diff options
author | Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | 2021-01-07 16:51:05 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-01-18 23:51:07 +0000 |
commit | dbde0900459ce06a7b6de340a115e31275c8f6a2 (patch) | |
tree | 3149424a3fb4bf7a60619203cfcb947957bd5446 /meta/recipes-support | |
parent | d8a902440c14539b404ac9808a5c0f835184f983 (diff) | |
download | poky-dbde0900459ce06a7b6de340a115e31275c8f6a2.tar.gz |
curl: Fix CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
Backport the CVE patches from upstream
https://github.com/curl/curl/commit/ec9cc725d598ac
https://github.com/curl/curl/commit/a95a6ce6b809693a1195e3b4347a6cfa0fbc2ee7
https://github.com/curl/curl/commit/69a358f2186e04
https://github.com/curl/curl/commit/d9d01672785b.patch
0002-remove-void-protop-create-union-p.patch is added because the CVE-2020-8285 fix is
dependent on it.
CVE:
CVE-2020-8284
CVE-2020-8285
CVE-2020-8286
(From OE-Core rev: f1a0ea55c0ae2cce7f7c3c6c73f57c5b8222c860)
Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support')
-rw-r--r-- | meta/recipes-support/curl/curl/0002-remove-void-protop-create-union-p.patch | 1609 | ||||
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2020-8284.patch | 210 | ||||
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2020-8285.patch | 257 | ||||
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2020-8286.patch | 131 | ||||
-rw-r--r-- | meta/recipes-support/curl/curl_7.72.0.bb | 4 |
5 files changed, 2211 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/0002-remove-void-protop-create-union-p.patch b/meta/recipes-support/curl/curl/0002-remove-void-protop-create-union-p.patch new file mode 100644 index 0000000000..d0d01fb97c --- /dev/null +++ b/meta/recipes-support/curl/curl/0002-remove-void-protop-create-union-p.patch | |||
@@ -0,0 +1,1609 @@ | |||
1 | From bfdb7ee65fc8b96f1fce10ef23871acb092b74b6 Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Mon, 23 Nov 2020 08:32:41 +0100 | ||
4 | Subject: [PATCH] urldata: remove 'void *protop' and create the union 'p' | ||
5 | |||
6 | ... to avoid the use of 'void *' for the protocol specific structs done | ||
7 | per transfer. | ||
8 | |||
9 | Closes #6238 | ||
10 | |||
11 | Upstream-Status: Backport [https://github.com/curl/curl/commit/a95a6ce6b809693a1195e3b4347a6cfa0fbc2ee7] | ||
12 | |||
13 | CVE: CVE-2020-8285 | ||
14 | |||
15 | Signed-off-by: Daniel Stenberg <daniel@haxx.se> | ||
16 | Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | ||
17 | |||
18 | --- | ||
19 | docs/INTERNALS.md | 4 ++-- | ||
20 | lib/file.c | 14 +++++++------- | ||
21 | lib/ftp.c | 36 ++++++++++++++++++------------------ | ||
22 | lib/http.c | 14 +++++++------- | ||
23 | lib/http2.c | 50 +++++++++++++++++++++++++------------------------- | ||
24 | lib/http_proxy.c | 6 +++--- | ||
25 | lib/imap.c | 26 +++++++++++++------------- | ||
26 | lib/mqtt.c | 10 +++++----- | ||
27 | lib/openldap.c | 8 ++++---- | ||
28 | lib/pop3.c | 14 +++++++------- | ||
29 | lib/rtsp.c | 8 ++++---- | ||
30 | lib/smb.c | 20 ++++++++++---------- | ||
31 | lib/smtp.c | 22 +++++++++++----------- | ||
32 | lib/telnet.c | 30 +++++++++++++++--------------- | ||
33 | lib/transfer.c | 8 ++++---- | ||
34 | lib/url.c | 2 +- | ||
35 | lib/urldata.h | 19 +++++++++++++++++-- | ||
36 | lib/vquic/ngtcp2.c | 24 ++++++++++++------------ | ||
37 | lib/vquic/quiche.c | 10 +++++----- | ||
38 | lib/vssh/libssh.c | 10 +++++----- | ||
39 | lib/vssh/libssh2.c | 8 ++++---- | ||
40 | lib/vssh/wolfssh.c | 8 ++++---- | ||
41 | 22 files changed, 183 insertions(+), 168 deletions(-) | ||
42 | |||
43 | diff --git a/docs/INTERNALS.md b/docs/INTERNALS.md | ||
44 | index 635e7b2..ca8988e 100644 | ||
45 | --- a/docs/INTERNALS.md | ||
46 | +++ b/docs/INTERNALS.md | ||
47 | @@ -980,8 +980,8 @@ for older and later versions as things don't change drastically that often. | ||
48 | protocol specific data that then gets associated with that `Curl_easy` for | ||
49 | the rest of this transfer. It gets freed again at the end of the transfer. | ||
50 | It will be called before the `connectdata` for the transfer has been | ||
51 | - selected/created. Most protocols will allocate its private | ||
52 | - `struct [PROTOCOL]` here and assign `Curl_easy->req.protop` to point to it. | ||
53 | + selected/created. Most protocols will allocate its private `struct | ||
54 | + [PROTOCOL]` here and assign `Curl_easy->req.p.[protocol]` to it. | ||
55 | |||
56 | `->connect_it` allows a protocol to do some specific actions after the TCP | ||
57 | connect is done, that can still be considered part of the connection phase. | ||
58 | diff --git a/lib/file.c b/lib/file.c | ||
59 | index cd3e49c..110e5c2 100644 | ||
60 | --- a/lib/file.c | ||
61 | +++ b/lib/file.c | ||
62 | @@ -119,8 +119,8 @@ const struct Curl_handler Curl_handler_file = { | ||
63 | static CURLcode file_setup_connection(struct connectdata *conn) | ||
64 | { | ||
65 | /* allocate the FILE specific struct */ | ||
66 | - conn->data->req.protop = calloc(1, sizeof(struct FILEPROTO)); | ||
67 | - if(!conn->data->req.protop) | ||
68 | + conn->data->req.p.file = calloc(1, sizeof(struct FILEPROTO)); | ||
69 | + if(!conn->data->req.p.file) | ||
70 | return CURLE_OUT_OF_MEMORY; | ||
71 | |||
72 | return CURLE_OK; | ||
73 | @@ -135,7 +135,7 @@ static CURLcode file_connect(struct connectdata *conn, bool *done) | ||
74 | { | ||
75 | struct Curl_easy *data = conn->data; | ||
76 | char *real_path; | ||
77 | - struct FILEPROTO *file = data->req.protop; | ||
78 | + struct FILEPROTO *file = data->req.p.file; | ||
79 | int fd; | ||
80 | #ifdef DOS_FILESYSTEM | ||
81 | size_t i; | ||
82 | @@ -209,7 +209,7 @@ static CURLcode file_connect(struct connectdata *conn, bool *done) | ||
83 | static CURLcode file_done(struct connectdata *conn, | ||
84 | CURLcode status, bool premature) | ||
85 | { | ||
86 | - struct FILEPROTO *file = conn->data->req.protop; | ||
87 | + struct FILEPROTO *file = conn->data->req.p.file; | ||
88 | (void)status; /* not used */ | ||
89 | (void)premature; /* not used */ | ||
90 | |||
91 | @@ -227,7 +227,7 @@ static CURLcode file_done(struct connectdata *conn, | ||
92 | static CURLcode file_disconnect(struct connectdata *conn, | ||
93 | bool dead_connection) | ||
94 | { | ||
95 | - struct FILEPROTO *file = conn->data->req.protop; | ||
96 | + struct FILEPROTO *file = conn->data->req.p.file; | ||
97 | (void)dead_connection; /* not used */ | ||
98 | |||
99 | if(file) { | ||
100 | @@ -249,7 +249,7 @@ static CURLcode file_disconnect(struct connectdata *conn, | ||
101 | |||
102 | static CURLcode file_upload(struct connectdata *conn) | ||
103 | { | ||
104 | - struct FILEPROTO *file = conn->data->req.protop; | ||
105 | + struct FILEPROTO *file = conn->data->req.p.file; | ||
106 | const char *dir = strchr(file->path, DIRSEP); | ||
107 | int fd; | ||
108 | int mode; | ||
109 | @@ -391,7 +391,7 @@ static CURLcode file_do(struct connectdata *conn, bool *done) | ||
110 | if(data->set.upload) | ||
111 | return file_upload(conn); | ||
112 | |||
113 | - file = conn->data->req.protop; | ||
114 | + file = conn->data->req.p.file; | ||
115 | |||
116 | /* get the fd from the connection phase */ | ||
117 | fd = file->fd; | ||
118 | diff --git a/lib/ftp.c b/lib/ftp.c | ||
119 | index 9fadac5..d1a9447 100644 | ||
120 | --- a/lib/ftp.c | ||
121 | +++ b/lib/ftp.c | ||
122 | @@ -1345,7 +1345,7 @@ static CURLcode ftp_state_use_pasv(struct connectdata *conn) | ||
123 | static CURLcode ftp_state_prepare_transfer(struct connectdata *conn) | ||
124 | { | ||
125 | CURLcode result = CURLE_OK; | ||
126 | - struct FTP *ftp = conn->data->req.protop; | ||
127 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
128 | struct Curl_easy *data = conn->data; | ||
129 | |||
130 | if(ftp->transfer != FTPTRANSFER_BODY) { | ||
131 | @@ -1388,7 +1388,7 @@ static CURLcode ftp_state_prepare_transfer(struct connectdata *conn) | ||
132 | static CURLcode ftp_state_rest(struct connectdata *conn) | ||
133 | { | ||
134 | CURLcode result = CURLE_OK; | ||
135 | - struct FTP *ftp = conn->data->req.protop; | ||
136 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
137 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
138 | |||
139 | if((ftp->transfer != FTPTRANSFER_BODY) && ftpc->file) { | ||
140 | @@ -1409,7 +1409,7 @@ static CURLcode ftp_state_rest(struct connectdata *conn) | ||
141 | static CURLcode ftp_state_size(struct connectdata *conn) | ||
142 | { | ||
143 | CURLcode result = CURLE_OK; | ||
144 | - struct FTP *ftp = conn->data->req.protop; | ||
145 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
146 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
147 | |||
148 | if((ftp->transfer == FTPTRANSFER_INFO) && ftpc->file) { | ||
149 | @@ -1430,7 +1430,7 @@ static CURLcode ftp_state_list(struct connectdata *conn) | ||
150 | { | ||
151 | CURLcode result = CURLE_OK; | ||
152 | struct Curl_easy *data = conn->data; | ||
153 | - struct FTP *ftp = data->req.protop; | ||
154 | + struct FTP *ftp = data->req.p.ftp; | ||
155 | |||
156 | /* If this output is to be machine-parsed, the NLST command might be better | ||
157 | to use, since the LIST command output is not specified or standard in any | ||
158 | @@ -1508,7 +1508,7 @@ static CURLcode ftp_state_stor_prequote(struct connectdata *conn) | ||
159 | static CURLcode ftp_state_type(struct connectdata *conn) | ||
160 | { | ||
161 | CURLcode result = CURLE_OK; | ||
162 | - struct FTP *ftp = conn->data->req.protop; | ||
163 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
164 | struct Curl_easy *data = conn->data; | ||
165 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
166 | |||
167 | @@ -1565,7 +1565,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn, | ||
168 | bool sizechecked) | ||
169 | { | ||
170 | CURLcode result = CURLE_OK; | ||
171 | - struct FTP *ftp = conn->data->req.protop; | ||
172 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
173 | struct Curl_easy *data = conn->data; | ||
174 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
175 | |||
176 | @@ -1664,7 +1664,7 @@ static CURLcode ftp_state_quote(struct connectdata *conn, | ||
177 | { | ||
178 | CURLcode result = CURLE_OK; | ||
179 | struct Curl_easy *data = conn->data; | ||
180 | - struct FTP *ftp = data->req.protop; | ||
181 | + struct FTP *ftp = data->req.p.ftp; | ||
182 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
183 | bool quote = FALSE; | ||
184 | struct curl_slist *item; | ||
185 | @@ -2033,7 +2033,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn, | ||
186 | { | ||
187 | CURLcode result = CURLE_OK; | ||
188 | struct Curl_easy *data = conn->data; | ||
189 | - struct FTP *ftp = data->req.protop; | ||
190 | + struct FTP *ftp = data->req.p.ftp; | ||
191 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
192 | |||
193 | switch(ftpcode) { | ||
194 | @@ -2166,7 +2166,7 @@ static CURLcode ftp_state_retr(struct connectdata *conn, | ||
195 | { | ||
196 | CURLcode result = CURLE_OK; | ||
197 | struct Curl_easy *data = conn->data; | ||
198 | - struct FTP *ftp = data->req.protop; | ||
199 | + struct FTP *ftp = data->req.p.ftp; | ||
200 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
201 | |||
202 | if(data->set.max_filesize && (filesize > data->set.max_filesize)) { | ||
203 | @@ -2378,7 +2378,7 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn, | ||
204 | { | ||
205 | CURLcode result = CURLE_OK; | ||
206 | struct Curl_easy *data = conn->data; | ||
207 | - struct FTP *ftp = data->req.protop; | ||
208 | + struct FTP *ftp = data->req.p.ftp; | ||
209 | |||
210 | if((ftpcode == 150) || (ftpcode == 125)) { | ||
211 | |||
212 | @@ -3138,7 +3138,7 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, | ||
213 | bool premature) | ||
214 | { | ||
215 | struct Curl_easy *data = conn->data; | ||
216 | - struct FTP *ftp = data->req.protop; | ||
217 | + struct FTP *ftp = data->req.p.ftp; | ||
218 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
219 | struct pingpong *pp = &ftpc->pp; | ||
220 | ssize_t nread; | ||
221 | @@ -3492,7 +3492,7 @@ static CURLcode ftp_do_more(struct connectdata *conn, int *completep) | ||
222 | bool complete = FALSE; | ||
223 | |||
224 | /* the ftp struct is inited in ftp_connect() */ | ||
225 | - struct FTP *ftp = data->req.protop; | ||
226 | + struct FTP *ftp = data->req.p.ftp; | ||
227 | |||
228 | /* if the second connection isn't done yet, wait for it */ | ||
229 | if(!conn->bits.tcpconnect[SECONDARYSOCKET]) { | ||
230 | @@ -3657,7 +3657,7 @@ CURLcode ftp_perform(struct connectdata *conn, | ||
231 | |||
232 | if(conn->data->set.opt_no_body) { | ||
233 | /* requested no body means no transfer... */ | ||
234 | - struct FTP *ftp = conn->data->req.protop; | ||
235 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
236 | ftp->transfer = FTPTRANSFER_INFO; | ||
237 | } | ||
238 | |||
239 | @@ -3692,7 +3692,7 @@ static void wc_data_dtor(void *ptr) | ||
240 | static CURLcode init_wc_data(struct connectdata *conn) | ||
241 | { | ||
242 | char *last_slash; | ||
243 | - struct FTP *ftp = conn->data->req.protop; | ||
244 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
245 | char *path = ftp->path; | ||
246 | struct WildcardData *wildcard = &(conn->data->wildcard); | ||
247 | CURLcode result = CURLE_OK; | ||
248 | @@ -3826,7 +3826,7 @@ static CURLcode wc_statemach(struct connectdata *conn) | ||
249 | /* filelist has at least one file, lets get first one */ | ||
250 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
251 | struct curl_fileinfo *finfo = wildcard->filelist.head->ptr; | ||
252 | - struct FTP *ftp = conn->data->req.protop; | ||
253 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
254 | |||
255 | char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename); | ||
256 | if(!tmp_path) | ||
257 | @@ -4099,7 +4099,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn) | ||
258 | { | ||
259 | struct Curl_easy *data = conn->data; | ||
260 | /* the ftp struct is already inited in ftp_connect() */ | ||
261 | - struct FTP *ftp = data->req.protop; | ||
262 | + struct FTP *ftp = data->req.p.ftp; | ||
263 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
264 | const char *slashPos = NULL; | ||
265 | const char *fileName = NULL; | ||
266 | @@ -4244,7 +4244,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn) | ||
267 | static CURLcode ftp_dophase_done(struct connectdata *conn, | ||
268 | bool connected) | ||
269 | { | ||
270 | - struct FTP *ftp = conn->data->req.protop; | ||
271 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
272 | struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
273 | |||
274 | if(connected) { | ||
275 | @@ -4341,7 +4341,7 @@ static CURLcode ftp_setup_connection(struct connectdata *conn) | ||
276 | char *type; | ||
277 | struct FTP *ftp; | ||
278 | |||
279 | - conn->data->req.protop = ftp = calloc(sizeof(struct FTP), 1); | ||
280 | + conn->data->req.p.ftp = ftp = calloc(sizeof(struct FTP), 1); | ||
281 | if(NULL == ftp) | ||
282 | return CURLE_OUT_OF_MEMORY; | ||
283 | |||
284 | diff --git a/lib/http.c b/lib/http.c | ||
285 | index 8fcdd43..31d9112 100644 | ||
286 | --- a/lib/http.c | ||
287 | +++ b/lib/http.c | ||
288 | @@ -162,14 +162,14 @@ static CURLcode http_setup_conn(struct connectdata *conn) | ||
289 | during this request */ | ||
290 | struct HTTP *http; | ||
291 | struct Curl_easy *data = conn->data; | ||
292 | - DEBUGASSERT(data->req.protop == NULL); | ||
293 | + DEBUGASSERT(data->req.p.http == NULL); | ||
294 | |||
295 | http = calloc(1, sizeof(struct HTTP)); | ||
296 | if(!http) | ||
297 | return CURLE_OUT_OF_MEMORY; | ||
298 | |||
299 | Curl_mime_initpart(&http->form, conn->data); | ||
300 | - data->req.protop = http; | ||
301 | + data->req.p.http = http; | ||
302 | |||
303 | if(data->set.httpversion == CURL_HTTP_VERSION_3) { | ||
304 | if(conn->handler->flags & PROTOPT_SSL) | ||
305 | @@ -425,7 +425,7 @@ static bool pickoneauth(struct auth *pick, unsigned long mask) | ||
306 | static CURLcode http_perhapsrewind(struct connectdata *conn) | ||
307 | { | ||
308 | struct Curl_easy *data = conn->data; | ||
309 | - struct HTTP *http = data->req.protop; | ||
310 | + struct HTTP *http = data->req.p.http; | ||
311 | curl_off_t bytessent; | ||
312 | curl_off_t expectsend = -1; /* default is unknown */ | ||
313 | |||
314 | @@ -1109,7 +1109,7 @@ static size_t readmoredata(char *buffer, | ||
315 | void *userp) | ||
316 | { | ||
317 | struct connectdata *conn = (struct connectdata *)userp; | ||
318 | - struct HTTP *http = conn->data->req.protop; | ||
319 | + struct HTTP *http = conn->data->req.p.http; | ||
320 | size_t fullsize = size * nitems; | ||
321 | |||
322 | if(!http->postsize) | ||
323 | @@ -1167,7 +1167,7 @@ CURLcode Curl_buffer_send(struct dynbuf *in, | ||
324 | char *ptr; | ||
325 | size_t size; | ||
326 | struct Curl_easy *data = conn->data; | ||
327 | - struct HTTP *http = data->req.protop; | ||
328 | + struct HTTP *http = data->req.p.http; | ||
329 | size_t sendsize; | ||
330 | curl_socket_t sockfd; | ||
331 | size_t headersize; | ||
332 | @@ -1517,7 +1517,7 @@ CURLcode Curl_http_done(struct connectdata *conn, | ||
333 | CURLcode status, bool premature) | ||
334 | { | ||
335 | struct Curl_easy *data = conn->data; | ||
336 | - struct HTTP *http = data->req.protop; | ||
337 | + struct HTTP *http = data->req.p.http; | ||
338 | |||
339 | /* Clear multipass flag. If authentication isn't done yet, then it will get | ||
340 | * a chance to be set back to true when we output the next auth header */ | ||
341 | @@ -1978,7 +1978,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) | ||
342 | return result; | ||
343 | } | ||
344 | } | ||
345 | - http = data->req.protop; | ||
346 | + http = data->req.p.http; | ||
347 | DEBUGASSERT(http); | ||
348 | |||
349 | if(!data->state.this_is_a_follow) { | ||
350 | diff --git a/lib/http2.c b/lib/http2.c | ||
351 | index d316da8..c41a1c2 100644 | ||
352 | --- a/lib/http2.c | ||
353 | +++ b/lib/http2.c | ||
354 | @@ -257,7 +257,7 @@ static unsigned int http2_conncheck(struct connectdata *check, | ||
355 | /* called from http_setup_conn */ | ||
356 | void Curl_http2_setup_req(struct Curl_easy *data) | ||
357 | { | ||
358 | - struct HTTP *http = data->req.protop; | ||
359 | + struct HTTP *http = data->req.p.http; | ||
360 | http->bodystarted = FALSE; | ||
361 | http->status_code = -1; | ||
362 | http->pausedata = NULL; | ||
363 | @@ -391,7 +391,7 @@ char *curl_pushheader_bynum(struct curl_pushheaders *h, size_t num) | ||
364 | if(!h || !GOOD_EASY_HANDLE(h->data)) | ||
365 | return NULL; | ||
366 | else { | ||
367 | - struct HTTP *stream = h->data->req.protop; | ||
368 | + struct HTTP *stream = h->data->req.p.http; | ||
369 | if(num < stream->push_headers_used) | ||
370 | return stream->push_headers[num]; | ||
371 | } | ||
372 | @@ -413,7 +413,7 @@ char *curl_pushheader_byname(struct curl_pushheaders *h, const char *header) | ||
373 | !strcmp(header, ":") || strchr(header + 1, ':')) | ||
374 | return NULL; | ||
375 | else { | ||
376 | - struct HTTP *stream = h->data->req.protop; | ||
377 | + struct HTTP *stream = h->data->req.p.http; | ||
378 | size_t len = strlen(header); | ||
379 | size_t i; | ||
380 | for(i = 0; i<stream->push_headers_used; i++) { | ||
381 | @@ -460,7 +460,7 @@ static struct Curl_easy *duphandle(struct Curl_easy *data) | ||
382 | (void)Curl_close(&second); | ||
383 | } | ||
384 | else { | ||
385 | - second->req.protop = http; | ||
386 | + second->req.p.http = http; | ||
387 | Curl_dyn_init(&http->header_recvbuf, DYN_H2_HEADERS); | ||
388 | Curl_http2_setup_req(second); | ||
389 | second->state.stream_weight = data->state.stream_weight; | ||
390 | @@ -537,7 +537,7 @@ static int push_promise(struct Curl_easy *data, | ||
391 | /* ask the application */ | ||
392 | H2BUGF(infof(data, "Got PUSH_PROMISE, ask application!\n")); | ||
393 | |||
394 | - stream = data->req.protop; | ||
395 | + stream = data->req.p.http; | ||
396 | if(!stream) { | ||
397 | failf(data, "Internal NULL stream!\n"); | ||
398 | (void)Curl_close(&newhandle); | ||
399 | @@ -567,13 +567,13 @@ static int push_promise(struct Curl_easy *data, | ||
400 | if(rv) { | ||
401 | DEBUGASSERT((rv > CURL_PUSH_OK) && (rv <= CURL_PUSH_ERROROUT)); | ||
402 | /* denied, kill off the new handle again */ | ||
403 | - http2_stream_free(newhandle->req.protop); | ||
404 | - newhandle->req.protop = NULL; | ||
405 | + http2_stream_free(newhandle->req.p.http); | ||
406 | + newhandle->req.p.http = NULL; | ||
407 | (void)Curl_close(&newhandle); | ||
408 | goto fail; | ||
409 | } | ||
410 | |||
411 | - newstream = newhandle->req.protop; | ||
412 | + newstream = newhandle->req.p.http; | ||
413 | newstream->stream_id = frame->promised_stream_id; | ||
414 | newhandle->req.maxdownload = -1; | ||
415 | newhandle->req.size = -1; | ||
416 | @@ -583,8 +583,8 @@ static int push_promise(struct Curl_easy *data, | ||
417 | rc = Curl_multi_add_perform(data->multi, newhandle, conn); | ||
418 | if(rc) { | ||
419 | infof(data, "failed to add handle to multi\n"); | ||
420 | - http2_stream_free(newhandle->req.protop); | ||
421 | - newhandle->req.protop = NULL; | ||
422 | + http2_stream_free(newhandle->req.p.http); | ||
423 | + newhandle->req.p.http = NULL; | ||
424 | Curl_close(&newhandle); | ||
425 | rv = CURL_PUSH_DENY; | ||
426 | goto fail; | ||
427 | @@ -667,7 +667,7 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, | ||
428 | return 0; | ||
429 | } | ||
430 | |||
431 | - stream = data_s->req.protop; | ||
432 | + stream = data_s->req.p.http; | ||
433 | if(!stream) { | ||
434 | H2BUGF(infof(data_s, "No proto pointer for stream: %x\n", | ||
435 | stream_id)); | ||
436 | @@ -783,7 +783,7 @@ static int on_data_chunk_recv(nghttp2_session *session, uint8_t flags, | ||
437 | internal error more than anything else! */ | ||
438 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
439 | |||
440 | - stream = data_s->req.protop; | ||
441 | + stream = data_s->req.p.http; | ||
442 | if(!stream) | ||
443 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
444 | |||
445 | @@ -849,7 +849,7 @@ static int on_stream_close(nghttp2_session *session, int32_t stream_id, | ||
446 | } | ||
447 | H2BUGF(infof(data_s, "on_stream_close(), %s (err %d), stream %u\n", | ||
448 | nghttp2_http2_strerror(error_code), error_code, stream_id)); | ||
449 | - stream = data_s->req.protop; | ||
450 | + stream = data_s->req.p.http; | ||
451 | if(!stream) | ||
452 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
453 | |||
454 | @@ -894,7 +894,7 @@ static int on_begin_headers(nghttp2_session *session, | ||
455 | return 0; | ||
456 | } | ||
457 | |||
458 | - stream = data_s->req.protop; | ||
459 | + stream = data_s->req.p.http; | ||
460 | if(!stream || !stream->bodystarted) { | ||
461 | return 0; | ||
462 | } | ||
463 | @@ -952,7 +952,7 @@ static int on_header(nghttp2_session *session, const nghttp2_frame *frame, | ||
464 | internal error more than anything else! */ | ||
465 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
466 | |||
467 | - stream = data_s->req.protop; | ||
468 | + stream = data_s->req.p.http; | ||
469 | if(!stream) { | ||
470 | failf(data_s, "Internal NULL stream! 5\n"); | ||
471 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
472 | @@ -1100,7 +1100,7 @@ static ssize_t data_source_read_callback(nghttp2_session *session, | ||
473 | internal error more than anything else! */ | ||
474 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
475 | |||
476 | - stream = data_s->req.protop; | ||
477 | + stream = data_s->req.p.http; | ||
478 | if(!stream) | ||
479 | return NGHTTP2_ERR_CALLBACK_FAILURE; | ||
480 | } | ||
481 | @@ -1161,7 +1161,7 @@ static void populate_settings(struct connectdata *conn, | ||
482 | |||
483 | void Curl_http2_done(struct Curl_easy *data, bool premature) | ||
484 | { | ||
485 | - struct HTTP *http = data->req.protop; | ||
486 | + struct HTTP *http = data->req.p.http; | ||
487 | struct http_conn *httpc = &data->conn->proto.httpc; | ||
488 | |||
489 | /* there might be allocated resources done before this got the 'h2' pointer | ||
490 | @@ -1398,7 +1398,7 @@ CURLcode Curl_http2_done_sending(struct connectdata *conn) | ||
491 | (conn->handler == &Curl_handler_http2)) { | ||
492 | /* make sure this is only attempted for HTTP/2 transfers */ | ||
493 | |||
494 | - struct HTTP *stream = conn->data->req.protop; | ||
495 | + struct HTTP *stream = conn->data->req.p.http; | ||
496 | |||
497 | struct http_conn *httpc = &conn->proto.httpc; | ||
498 | nghttp2_session *h2 = httpc->h2; | ||
499 | @@ -1522,7 +1522,7 @@ static void h2_pri_spec(struct Curl_easy *data, | ||
500 | nghttp2_priority_spec *pri_spec) | ||
501 | { | ||
502 | struct HTTP *depstream = (data->set.stream_depends_on? | ||
503 | - data->set.stream_depends_on->req.protop:NULL); | ||
504 | + data->set.stream_depends_on->req.p.http:NULL); | ||
505 | int32_t depstream_id = depstream? depstream->stream_id:0; | ||
506 | nghttp2_priority_spec_init(pri_spec, depstream_id, data->set.stream_weight, | ||
507 | data->set.stream_depends_e); | ||
508 | @@ -1539,7 +1539,7 @@ static void h2_pri_spec(struct Curl_easy *data, | ||
509 | static int h2_session_send(struct Curl_easy *data, | ||
510 | nghttp2_session *h2) | ||
511 | { | ||
512 | - struct HTTP *stream = data->req.protop; | ||
513 | + struct HTTP *stream = data->req.p.http; | ||
514 | if((data->set.stream_weight != data->state.stream_weight) || | ||
515 | (data->set.stream_depends_e != data->state.stream_depends_e) || | ||
516 | (data->set.stream_depends_on != data->state.stream_depends_on) ) { | ||
517 | @@ -1569,7 +1569,7 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex, | ||
518 | ssize_t nread; | ||
519 | struct http_conn *httpc = &conn->proto.httpc; | ||
520 | struct Curl_easy *data = conn->data; | ||
521 | - struct HTTP *stream = data->req.protop; | ||
522 | + struct HTTP *stream = data->req.p.http; | ||
523 | |||
524 | (void)sockindex; /* we always do HTTP2 on sockindex 0 */ | ||
525 | |||
526 | @@ -1874,7 +1874,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex, | ||
527 | */ | ||
528 | int rv; | ||
529 | struct http_conn *httpc = &conn->proto.httpc; | ||
530 | - struct HTTP *stream = conn->data->req.protop; | ||
531 | + struct HTTP *stream = conn->data->req.p.http; | ||
532 | nghttp2_nv *nva = NULL; | ||
533 | size_t nheader; | ||
534 | size_t i; | ||
535 | @@ -2183,7 +2183,7 @@ CURLcode Curl_http2_setup(struct connectdata *conn) | ||
536 | { | ||
537 | CURLcode result; | ||
538 | struct http_conn *httpc = &conn->proto.httpc; | ||
539 | - struct HTTP *stream = conn->data->req.protop; | ||
540 | + struct HTTP *stream = conn->data->req.p.http; | ||
541 | |||
542 | DEBUGASSERT(conn->data->state.buffer); | ||
543 | |||
544 | @@ -2238,7 +2238,7 @@ CURLcode Curl_http2_switched(struct connectdata *conn, | ||
545 | int rv; | ||
546 | ssize_t nproc; | ||
547 | struct Curl_easy *data = conn->data; | ||
548 | - struct HTTP *stream = conn->data->req.protop; | ||
549 | + struct HTTP *stream = conn->data->req.p.http; | ||
550 | |||
551 | result = Curl_http2_setup(conn); | ||
552 | if(result) | ||
553 | @@ -2358,7 +2358,7 @@ CURLcode Curl_http2_stream_pause(struct Curl_easy *data, bool pause) | ||
554 | return CURLE_OK; | ||
555 | #ifdef NGHTTP2_HAS_SET_LOCAL_WINDOW_SIZE | ||
556 | else { | ||
557 | - struct HTTP *stream = data->req.protop; | ||
558 | + struct HTTP *stream = data->req.p.http; | ||
559 | struct http_conn *httpc = &data->conn->proto.httpc; | ||
560 | uint32_t window = !pause * HTTP2_HUGE_WINDOW_SIZE; | ||
561 | int rv = nghttp2_session_set_local_window_size(httpc->h2, | ||
562 | diff --git a/lib/http_proxy.c b/lib/http_proxy.c | ||
563 | index f188cbf..69aacb4 100644 | ||
564 | --- a/lib/http_proxy.c | ||
565 | +++ b/lib/http_proxy.c | ||
566 | @@ -102,9 +102,9 @@ CURLcode Curl_proxy_connect(struct connectdata *conn, int sockindex) | ||
567 | * This function might be called several times in the multi interface case | ||
568 | * if the proxy's CONNECT response is not instant. | ||
569 | */ | ||
570 | - prot_save = conn->data->req.protop; | ||
571 | + prot_save = conn->data->req.p.http; | ||
572 | memset(&http_proxy, 0, sizeof(http_proxy)); | ||
573 | - conn->data->req.protop = &http_proxy; | ||
574 | + conn->data->req.p.http = &http_proxy; | ||
575 | connkeep(conn, "HTTP proxy CONNECT"); | ||
576 | |||
577 | /* for the secondary socket (FTP), use the "connect to host" | ||
578 | @@ -125,7 +125,7 @@ CURLcode Curl_proxy_connect(struct connectdata *conn, int sockindex) | ||
579 | else | ||
580 | remote_port = conn->remote_port; | ||
581 | result = Curl_proxyCONNECT(conn, sockindex, hostname, remote_port); | ||
582 | - conn->data->req.protop = prot_save; | ||
583 | + conn->data->req.p.http = prot_save; | ||
584 | if(CURLE_OK != result) | ||
585 | return result; | ||
586 | Curl_safefree(data->state.aptr.proxyuserpwd); | ||
587 | diff --git a/lib/imap.c b/lib/imap.c | ||
588 | index cad0e59..bda23a5 100644 | ||
589 | --- a/lib/imap.c | ||
590 | +++ b/lib/imap.c | ||
591 | @@ -244,7 +244,7 @@ static bool imap_matchresp(const char *line, size_t len, const char *cmd) | ||
592 | static bool imap_endofresp(struct connectdata *conn, char *line, size_t len, | ||
593 | int *resp) | ||
594 | { | ||
595 | - struct IMAP *imap = conn->data->req.protop; | ||
596 | + struct IMAP *imap = conn->data->req.p.imap; | ||
597 | struct imap_conn *imapc = &conn->proto.imapc; | ||
598 | const char *id = imapc->resptag; | ||
599 | size_t id_len = strlen(id); | ||
600 | @@ -605,7 +605,7 @@ static CURLcode imap_perform_list(struct connectdata *conn) | ||
601 | { | ||
602 | CURLcode result = CURLE_OK; | ||
603 | struct Curl_easy *data = conn->data; | ||
604 | - struct IMAP *imap = data->req.protop; | ||
605 | + struct IMAP *imap = data->req.p.imap; | ||
606 | |||
607 | if(imap->custom) | ||
608 | /* Send the custom request */ | ||
609 | @@ -640,7 +640,7 @@ static CURLcode imap_perform_select(struct connectdata *conn) | ||
610 | { | ||
611 | CURLcode result = CURLE_OK; | ||
612 | struct Curl_easy *data = conn->data; | ||
613 | - struct IMAP *imap = data->req.protop; | ||
614 | + struct IMAP *imap = data->req.p.imap; | ||
615 | struct imap_conn *imapc = &conn->proto.imapc; | ||
616 | char *mailbox; | ||
617 | |||
618 | @@ -679,7 +679,7 @@ static CURLcode imap_perform_select(struct connectdata *conn) | ||
619 | static CURLcode imap_perform_fetch(struct connectdata *conn) | ||
620 | { | ||
621 | CURLcode result = CURLE_OK; | ||
622 | - struct IMAP *imap = conn->data->req.protop; | ||
623 | + struct IMAP *imap = conn->data->req.p.imap; | ||
624 | /* Check we have a UID */ | ||
625 | if(imap->uid) { | ||
626 | |||
627 | @@ -727,7 +727,7 @@ static CURLcode imap_perform_append(struct connectdata *conn) | ||
628 | { | ||
629 | CURLcode result = CURLE_OK; | ||
630 | struct Curl_easy *data = conn->data; | ||
631 | - struct IMAP *imap = data->req.protop; | ||
632 | + struct IMAP *imap = data->req.p.imap; | ||
633 | char *mailbox; | ||
634 | |||
635 | /* Check we have a mailbox */ | ||
636 | @@ -797,7 +797,7 @@ static CURLcode imap_perform_append(struct connectdata *conn) | ||
637 | static CURLcode imap_perform_search(struct connectdata *conn) | ||
638 | { | ||
639 | CURLcode result = CURLE_OK; | ||
640 | - struct IMAP *imap = conn->data->req.protop; | ||
641 | + struct IMAP *imap = conn->data->req.p.imap; | ||
642 | |||
643 | /* Check we have a query string */ | ||
644 | if(!imap->query) { | ||
645 | @@ -1051,7 +1051,7 @@ static CURLcode imap_state_select_resp(struct connectdata *conn, int imapcode, | ||
646 | { | ||
647 | CURLcode result = CURLE_OK; | ||
648 | struct Curl_easy *data = conn->data; | ||
649 | - struct IMAP *imap = conn->data->req.protop; | ||
650 | + struct IMAP *imap = conn->data->req.p.imap; | ||
651 | struct imap_conn *imapc = &conn->proto.imapc; | ||
652 | const char *line = data->state.buffer; | ||
653 | |||
654 | @@ -1380,7 +1380,7 @@ static CURLcode imap_init(struct connectdata *conn) | ||
655 | struct Curl_easy *data = conn->data; | ||
656 | struct IMAP *imap; | ||
657 | |||
658 | - imap = data->req.protop = calloc(sizeof(struct IMAP), 1); | ||
659 | + imap = data->req.p.imap = calloc(sizeof(struct IMAP), 1); | ||
660 | if(!imap) | ||
661 | result = CURLE_OUT_OF_MEMORY; | ||
662 | |||
663 | @@ -1457,7 +1457,7 @@ static CURLcode imap_done(struct connectdata *conn, CURLcode status, | ||
664 | { | ||
665 | CURLcode result = CURLE_OK; | ||
666 | struct Curl_easy *data = conn->data; | ||
667 | - struct IMAP *imap = data->req.protop; | ||
668 | + struct IMAP *imap = data->req.p.imap; | ||
669 | |||
670 | (void)premature; | ||
671 | |||
672 | @@ -1517,7 +1517,7 @@ static CURLcode imap_perform(struct connectdata *conn, bool *connected, | ||
673 | /* This is IMAP and no proxy */ | ||
674 | CURLcode result = CURLE_OK; | ||
675 | struct Curl_easy *data = conn->data; | ||
676 | - struct IMAP *imap = data->req.protop; | ||
677 | + struct IMAP *imap = data->req.p.imap; | ||
678 | struct imap_conn *imapc = &conn->proto.imapc; | ||
679 | bool selected = FALSE; | ||
680 | |||
681 | @@ -1640,7 +1640,7 @@ static CURLcode imap_disconnect(struct connectdata *conn, bool dead_connection) | ||
682 | /* Call this when the DO phase has completed */ | ||
683 | static CURLcode imap_dophase_done(struct connectdata *conn, bool connected) | ||
684 | { | ||
685 | - struct IMAP *imap = conn->data->req.protop; | ||
686 | + struct IMAP *imap = conn->data->req.p.imap; | ||
687 | |||
688 | (void)connected; | ||
689 | |||
690 | @@ -1942,7 +1942,7 @@ static CURLcode imap_parse_url_path(struct connectdata *conn) | ||
691 | /* The imap struct is already initialised in imap_connect() */ | ||
692 | CURLcode result = CURLE_OK; | ||
693 | struct Curl_easy *data = conn->data; | ||
694 | - struct IMAP *imap = data->req.protop; | ||
695 | + struct IMAP *imap = data->req.p.imap; | ||
696 | const char *begin = &data->state.up.path[1]; /* skip leading slash */ | ||
697 | const char *ptr = begin; | ||
698 | |||
699 | @@ -2074,7 +2074,7 @@ static CURLcode imap_parse_custom_request(struct connectdata *conn) | ||
700 | { | ||
701 | CURLcode result = CURLE_OK; | ||
702 | struct Curl_easy *data = conn->data; | ||
703 | - struct IMAP *imap = data->req.protop; | ||
704 | + struct IMAP *imap = data->req.p.imap; | ||
705 | const char *custom = data->set.str[STRING_CUSTOMREQUEST]; | ||
706 | |||
707 | if(custom) { | ||
708 | diff --git a/lib/mqtt.c b/lib/mqtt.c | ||
709 | index f6f4416..86b22b8 100644 | ||
710 | --- a/lib/mqtt.c | ||
711 | +++ b/lib/mqtt.c | ||
712 | @@ -95,12 +95,12 @@ static CURLcode mqtt_setup_conn(struct connectdata *conn) | ||
713 | during this request */ | ||
714 | struct MQTT *mq; | ||
715 | struct Curl_easy *data = conn->data; | ||
716 | - DEBUGASSERT(data->req.protop == NULL); | ||
717 | + DEBUGASSERT(data->req.p.mqtt == NULL); | ||
718 | |||
719 | mq = calloc(1, sizeof(struct MQTT)); | ||
720 | if(!mq) | ||
721 | return CURLE_OUT_OF_MEMORY; | ||
722 | - data->req.protop = mq; | ||
723 | + data->req.p.mqtt = mq; | ||
724 | return CURLE_OK; | ||
725 | } | ||
726 | |||
727 | @@ -110,7 +110,7 @@ static CURLcode mqtt_send(struct connectdata *conn, | ||
728 | CURLcode result = CURLE_OK; | ||
729 | curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; | ||
730 | struct Curl_easy *data = conn->data; | ||
731 | - struct MQTT *mq = data->req.protop; | ||
732 | + struct MQTT *mq = data->req.p.mqtt; | ||
733 | ssize_t n; | ||
734 | result = Curl_write(conn, sockfd, buf, len, &n); | ||
735 | if(!result && data->set.verbose) | ||
736 | @@ -426,7 +426,7 @@ static CURLcode mqtt_read_publish(struct connectdata *conn, | ||
737 | unsigned char *pkt = (unsigned char *)data->state.buffer; | ||
738 | size_t remlen; | ||
739 | struct mqtt_conn *mqtt = &conn->proto.mqtt; | ||
740 | - struct MQTT *mq = data->req.protop; | ||
741 | + struct MQTT *mq = data->req.p.mqtt; | ||
742 | unsigned char packet; | ||
743 | |||
744 | switch(mqtt->state) { | ||
745 | @@ -533,7 +533,7 @@ static CURLcode mqtt_doing(struct connectdata *conn, bool *done) | ||
746 | CURLcode result = CURLE_OK; | ||
747 | struct mqtt_conn *mqtt = &conn->proto.mqtt; | ||
748 | struct Curl_easy *data = conn->data; | ||
749 | - struct MQTT *mq = data->req.protop; | ||
750 | + struct MQTT *mq = data->req.p.mqtt; | ||
751 | ssize_t nread; | ||
752 | curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; | ||
753 | unsigned char *pkt = (unsigned char *)data->state.buffer; | ||
754 | diff --git a/lib/openldap.c b/lib/openldap.c | ||
755 | index 782d6a0..c955df6 100644 | ||
756 | --- a/lib/openldap.c | ||
757 | +++ b/lib/openldap.c | ||
758 | @@ -410,7 +410,7 @@ static CURLcode ldap_do(struct connectdata *conn, bool *done) | ||
759 | if(!lr) | ||
760 | return CURLE_OUT_OF_MEMORY; | ||
761 | lr->msgid = msgid; | ||
762 | - data->req.protop = lr; | ||
763 | + data->req.p.ldap = lr; | ||
764 | Curl_setup_transfer(data, FIRSTSOCKET, -1, FALSE, -1); | ||
765 | *done = TRUE; | ||
766 | return CURLE_OK; | ||
767 | @@ -419,7 +419,7 @@ static CURLcode ldap_do(struct connectdata *conn, bool *done) | ||
768 | static CURLcode ldap_done(struct connectdata *conn, CURLcode res, | ||
769 | bool premature) | ||
770 | { | ||
771 | - struct ldapreqinfo *lr = conn->data->req.protop; | ||
772 | + struct ldapreqinfo *lr = conn->data->req.p.ldap; | ||
773 | |||
774 | (void)res; | ||
775 | (void)premature; | ||
776 | @@ -431,7 +431,7 @@ static CURLcode ldap_done(struct connectdata *conn, CURLcode res, | ||
777 | ldap_abandon_ext(li->ld, lr->msgid, NULL, NULL); | ||
778 | lr->msgid = 0; | ||
779 | } | ||
780 | - conn->data->req.protop = NULL; | ||
781 | + conn->data->req.p.ldap = NULL; | ||
782 | free(lr); | ||
783 | } | ||
784 | |||
785 | @@ -443,7 +443,7 @@ static ssize_t ldap_recv(struct connectdata *conn, int sockindex, char *buf, | ||
786 | { | ||
787 | struct ldapconninfo *li = conn->proto.ldapc; | ||
788 | struct Curl_easy *data = conn->data; | ||
789 | - struct ldapreqinfo *lr = data->req.protop; | ||
790 | + struct ldapreqinfo *lr = data->req.p.ldap; | ||
791 | int rc, ret; | ||
792 | LDAPMessage *msg = NULL; | ||
793 | LDAPMessage *ent; | ||
794 | diff --git a/lib/pop3.c b/lib/pop3.c | ||
795 | index 9ff5c78..04cc887 100644 | ||
796 | --- a/lib/pop3.c | ||
797 | +++ b/lib/pop3.c | ||
798 | @@ -551,7 +551,7 @@ static CURLcode pop3_perform_command(struct connectdata *conn) | ||
799 | { | ||
800 | CURLcode result = CURLE_OK; | ||
801 | struct Curl_easy *data = conn->data; | ||
802 | - struct POP3 *pop3 = data->req.protop; | ||
803 | + struct POP3 *pop3 = data->req.p.pop3; | ||
804 | const char *command = NULL; | ||
805 | |||
806 | /* Calculate the default command */ | ||
807 | @@ -884,7 +884,7 @@ static CURLcode pop3_state_command_resp(struct connectdata *conn, | ||
808 | { | ||
809 | CURLcode result = CURLE_OK; | ||
810 | struct Curl_easy *data = conn->data; | ||
811 | - struct POP3 *pop3 = data->req.protop; | ||
812 | + struct POP3 *pop3 = data->req.p.pop3; | ||
813 | struct pop3_conn *pop3c = &conn->proto.pop3c; | ||
814 | struct pingpong *pp = &pop3c->pp; | ||
815 | |||
816 | @@ -1046,7 +1046,7 @@ static CURLcode pop3_init(struct connectdata *conn) | ||
817 | struct Curl_easy *data = conn->data; | ||
818 | struct POP3 *pop3; | ||
819 | |||
820 | - pop3 = data->req.protop = calloc(sizeof(struct POP3), 1); | ||
821 | + pop3 = data->req.p.pop3 = calloc(sizeof(struct POP3), 1); | ||
822 | if(!pop3) | ||
823 | result = CURLE_OUT_OF_MEMORY; | ||
824 | |||
825 | @@ -1120,7 +1120,7 @@ static CURLcode pop3_done(struct connectdata *conn, CURLcode status, | ||
826 | { | ||
827 | CURLcode result = CURLE_OK; | ||
828 | struct Curl_easy *data = conn->data; | ||
829 | - struct POP3 *pop3 = data->req.protop; | ||
830 | + struct POP3 *pop3 = data->req.p.pop3; | ||
831 | |||
832 | (void)premature; | ||
833 | |||
834 | @@ -1154,7 +1154,7 @@ static CURLcode pop3_perform(struct connectdata *conn, bool *connected, | ||
835 | { | ||
836 | /* This is POP3 and no proxy */ | ||
837 | CURLcode result = CURLE_OK; | ||
838 | - struct POP3 *pop3 = conn->data->req.protop; | ||
839 | + struct POP3 *pop3 = conn->data->req.p.pop3; | ||
840 | |||
841 | DEBUGF(infof(conn->data, "DO phase starts\n")); | ||
842 | |||
843 | @@ -1386,7 +1386,7 @@ static CURLcode pop3_parse_url_path(struct connectdata *conn) | ||
844 | { | ||
845 | /* The POP3 struct is already initialised in pop3_connect() */ | ||
846 | struct Curl_easy *data = conn->data; | ||
847 | - struct POP3 *pop3 = data->req.protop; | ||
848 | + struct POP3 *pop3 = data->req.p.pop3; | ||
849 | const char *path = &data->state.up.path[1]; /* skip leading path */ | ||
850 | |||
851 | /* URL decode the path for the message ID */ | ||
852 | @@ -1403,7 +1403,7 @@ static CURLcode pop3_parse_custom_request(struct connectdata *conn) | ||
853 | { | ||
854 | CURLcode result = CURLE_OK; | ||
855 | struct Curl_easy *data = conn->data; | ||
856 | - struct POP3 *pop3 = data->req.protop; | ||
857 | + struct POP3 *pop3 = data->req.p.pop3; | ||
858 | const char *custom = data->set.str[STRING_CUSTOMREQUEST]; | ||
859 | |||
860 | /* URL decode the custom request */ | ||
861 | diff --git a/lib/rtsp.c b/lib/rtsp.c | ||
862 | index dbd7dc6..29e6d58 100644 | ||
863 | --- a/lib/rtsp.c | ||
864 | +++ b/lib/rtsp.c | ||
865 | @@ -114,7 +114,7 @@ static CURLcode rtsp_setup_connection(struct connectdata *conn) | ||
866 | { | ||
867 | struct RTSP *rtsp; | ||
868 | |||
869 | - conn->data->req.protop = rtsp = calloc(1, sizeof(struct RTSP)); | ||
870 | + conn->data->req.p.rtsp = rtsp = calloc(1, sizeof(struct RTSP)); | ||
871 | if(!rtsp) | ||
872 | return CURLE_OUT_OF_MEMORY; | ||
873 | |||
874 | @@ -199,7 +199,7 @@ static CURLcode rtsp_done(struct connectdata *conn, | ||
875 | CURLcode status, bool premature) | ||
876 | { | ||
877 | struct Curl_easy *data = conn->data; | ||
878 | - struct RTSP *rtsp = data->req.protop; | ||
879 | + struct RTSP *rtsp = data->req.p.rtsp; | ||
880 | CURLcode httpStatus; | ||
881 | |||
882 | /* Bypass HTTP empty-reply checks on receive */ | ||
883 | @@ -232,7 +232,7 @@ static CURLcode rtsp_do(struct connectdata *conn, bool *done) | ||
884 | struct Curl_easy *data = conn->data; | ||
885 | CURLcode result = CURLE_OK; | ||
886 | Curl_RtspReq rtspreq = data->set.rtspreq; | ||
887 | - struct RTSP *rtsp = data->req.protop; | ||
888 | + struct RTSP *rtsp = data->req.p.rtsp; | ||
889 | struct dynbuf req_buffer; | ||
890 | curl_off_t postsize = 0; /* for ANNOUNCE and SET_PARAMETER */ | ||
891 | curl_off_t putsize = 0; /* for ANNOUNCE and SET_PARAMETER */ | ||
892 | @@ -764,7 +764,7 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, | ||
893 | /* Store the received CSeq. Match is verified in rtsp_done */ | ||
894 | int nc = sscanf(&header[4], ": %ld", &CSeq); | ||
895 | if(nc == 1) { | ||
896 | - struct RTSP *rtsp = data->req.protop; | ||
897 | + struct RTSP *rtsp = data->req.p.rtsp; | ||
898 | rtsp->CSeq_recv = CSeq; /* mark the request */ | ||
899 | data->state.rtsp_CSeq_recv = CSeq; /* update the handle */ | ||
900 | } | ||
901 | diff --git a/lib/smb.c b/lib/smb.c | ||
902 | index d493adc..9eba7ab 100644 | ||
903 | --- a/lib/smb.c | ||
904 | +++ b/lib/smb.c | ||
905 | @@ -204,7 +204,7 @@ static void conn_state(struct connectdata *conn, enum smb_conn_state newstate) | ||
906 | static void request_state(struct connectdata *conn, | ||
907 | enum smb_req_state newstate) | ||
908 | { | ||
909 | - struct smb_request *req = conn->data->req.protop; | ||
910 | + struct smb_request *req = conn->data->req.p.smb; | ||
911 | #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS) | ||
912 | /* For debug purposes */ | ||
913 | static const char * const names[] = { | ||
914 | @@ -234,7 +234,7 @@ static CURLcode smb_setup_connection(struct connectdata *conn) | ||
915 | struct smb_request *req; | ||
916 | |||
917 | /* Initialize the request state */ | ||
918 | - conn->data->req.protop = req = calloc(1, sizeof(struct smb_request)); | ||
919 | + conn->data->req.p.smb = req = calloc(1, sizeof(struct smb_request)); | ||
920 | if(!req) | ||
921 | return CURLE_OUT_OF_MEMORY; | ||
922 | |||
923 | @@ -342,7 +342,7 @@ static void smb_format_message(struct connectdata *conn, struct smb_header *h, | ||
924 | unsigned char cmd, size_t len) | ||
925 | { | ||
926 | struct smb_conn *smbc = &conn->proto.smbc; | ||
927 | - struct smb_request *req = conn->data->req.protop; | ||
928 | + struct smb_request *req = conn->data->req.p.smb; | ||
929 | unsigned int pid; | ||
930 | |||
931 | memset(h, 0, sizeof(*h)); | ||
932 | @@ -505,7 +505,7 @@ static CURLcode smb_send_tree_connect(struct connectdata *conn) | ||
933 | |||
934 | static CURLcode smb_send_open(struct connectdata *conn) | ||
935 | { | ||
936 | - struct smb_request *req = conn->data->req.protop; | ||
937 | + struct smb_request *req = conn->data->req.p.smb; | ||
938 | struct smb_nt_create msg; | ||
939 | size_t byte_count; | ||
940 | |||
941 | @@ -535,7 +535,7 @@ static CURLcode smb_send_open(struct connectdata *conn) | ||
942 | |||
943 | static CURLcode smb_send_close(struct connectdata *conn) | ||
944 | { | ||
945 | - struct smb_request *req = conn->data->req.protop; | ||
946 | + struct smb_request *req = conn->data->req.p.smb; | ||
947 | struct smb_close msg; | ||
948 | |||
949 | memset(&msg, 0, sizeof(msg)); | ||
950 | @@ -556,7 +556,7 @@ static CURLcode smb_send_tree_disconnect(struct connectdata *conn) | ||
951 | |||
952 | static CURLcode smb_send_read(struct connectdata *conn) | ||
953 | { | ||
954 | - struct smb_request *req = conn->data->req.protop; | ||
955 | + struct smb_request *req = conn->data->req.p.smb; | ||
956 | curl_off_t offset = conn->data->req.offset; | ||
957 | struct smb_read msg; | ||
958 | |||
959 | @@ -575,7 +575,7 @@ static CURLcode smb_send_read(struct connectdata *conn) | ||
960 | static CURLcode smb_send_write(struct connectdata *conn) | ||
961 | { | ||
962 | struct smb_write *msg; | ||
963 | - struct smb_request *req = conn->data->req.protop; | ||
964 | + struct smb_request *req = conn->data->req.p.smb; | ||
965 | curl_off_t offset = conn->data->req.offset; | ||
966 | curl_off_t upload_size = conn->data->req.size - conn->data->req.bytecount; | ||
967 | CURLcode result = Curl_get_upload_buffer(conn->data); | ||
968 | @@ -738,7 +738,7 @@ static void get_posix_time(time_t *out, curl_off_t timestamp) | ||
969 | |||
970 | static CURLcode smb_request_state(struct connectdata *conn, bool *done) | ||
971 | { | ||
972 | - struct smb_request *req = conn->data->req.protop; | ||
973 | + struct smb_request *req = conn->data->req.p.smb; | ||
974 | struct smb_header *h; | ||
975 | struct smb_conn *smbc = &conn->proto.smbc; | ||
976 | enum smb_req_state next_state = SMB_DONE; | ||
977 | @@ -923,7 +923,7 @@ static CURLcode smb_done(struct connectdata *conn, CURLcode status, | ||
978 | bool premature) | ||
979 | { | ||
980 | (void) premature; | ||
981 | - Curl_safefree(conn->data->req.protop); | ||
982 | + Curl_safefree(conn->data->req.p.smb); | ||
983 | return status; | ||
984 | } | ||
985 | |||
986 | @@ -957,7 +957,7 @@ static CURLcode smb_do(struct connectdata *conn, bool *done) | ||
987 | static CURLcode smb_parse_url_path(struct connectdata *conn) | ||
988 | { | ||
989 | struct Curl_easy *data = conn->data; | ||
990 | - struct smb_request *req = data->req.protop; | ||
991 | + struct smb_request *req = data->req.p.smb; | ||
992 | struct smb_conn *smbc = &conn->proto.smbc; | ||
993 | char *path; | ||
994 | char *slash; | ||
995 | diff --git a/lib/smtp.c b/lib/smtp.c | ||
996 | index aea41bb..c5d0296 100644 | ||
997 | --- a/lib/smtp.c | ||
998 | +++ b/lib/smtp.c | ||
999 | @@ -484,7 +484,7 @@ static CURLcode smtp_perform_command(struct connectdata *conn) | ||
1000 | { | ||
1001 | CURLcode result = CURLE_OK; | ||
1002 | struct Curl_easy *data = conn->data; | ||
1003 | - struct SMTP *smtp = data->req.protop; | ||
1004 | + struct SMTP *smtp = data->req.p.smtp; | ||
1005 | |||
1006 | if(smtp->rcpt) { | ||
1007 | /* We notify the server we are sending UTF-8 data if a) it supports the | ||
1008 | @@ -697,7 +697,7 @@ static CURLcode smtp_perform_mail(struct connectdata *conn) | ||
1009 | any there do, as we need to correctly identify our support for SMTPUTF8 | ||
1010 | in the envelope, as per RFC-6531 sect. 3.4 */ | ||
1011 | if(conn->proto.smtpc.utf8_supported && !utf8) { | ||
1012 | - struct SMTP *smtp = data->req.protop; | ||
1013 | + struct SMTP *smtp = data->req.p.smtp; | ||
1014 | struct curl_slist *rcpt = smtp->rcpt; | ||
1015 | |||
1016 | while(rcpt && !utf8) { | ||
1017 | @@ -741,7 +741,7 @@ static CURLcode smtp_perform_rcpt_to(struct connectdata *conn) | ||
1018 | { | ||
1019 | CURLcode result = CURLE_OK; | ||
1020 | struct Curl_easy *data = conn->data; | ||
1021 | - struct SMTP *smtp = data->req.protop; | ||
1022 | + struct SMTP *smtp = data->req.p.smtp; | ||
1023 | char *address = NULL; | ||
1024 | struct hostname host = { NULL, NULL, NULL, NULL }; | ||
1025 | |||
1026 | @@ -989,7 +989,7 @@ static CURLcode smtp_state_command_resp(struct connectdata *conn, int smtpcode, | ||
1027 | { | ||
1028 | CURLcode result = CURLE_OK; | ||
1029 | struct Curl_easy *data = conn->data; | ||
1030 | - struct SMTP *smtp = data->req.protop; | ||
1031 | + struct SMTP *smtp = data->req.p.smtp; | ||
1032 | char *line = data->state.buffer; | ||
1033 | size_t len = strlen(line); | ||
1034 | |||
1035 | @@ -1055,7 +1055,7 @@ static CURLcode smtp_state_rcpt_resp(struct connectdata *conn, int smtpcode, | ||
1036 | { | ||
1037 | CURLcode result = CURLE_OK; | ||
1038 | struct Curl_easy *data = conn->data; | ||
1039 | - struct SMTP *smtp = data->req.protop; | ||
1040 | + struct SMTP *smtp = data->req.p.smtp; | ||
1041 | bool is_smtp_err = FALSE; | ||
1042 | bool is_smtp_blocking_err = FALSE; | ||
1043 | |||
1044 | @@ -1278,7 +1278,7 @@ static CURLcode smtp_init(struct connectdata *conn) | ||
1045 | struct Curl_easy *data = conn->data; | ||
1046 | struct SMTP *smtp; | ||
1047 | |||
1048 | - smtp = data->req.protop = calloc(sizeof(struct SMTP), 1); | ||
1049 | + smtp = data->req.p.smtp = calloc(sizeof(struct SMTP), 1); | ||
1050 | if(!smtp) | ||
1051 | result = CURLE_OUT_OF_MEMORY; | ||
1052 | |||
1053 | @@ -1356,7 +1356,7 @@ static CURLcode smtp_done(struct connectdata *conn, CURLcode status, | ||
1054 | { | ||
1055 | CURLcode result = CURLE_OK; | ||
1056 | struct Curl_easy *data = conn->data; | ||
1057 | - struct SMTP *smtp = data->req.protop; | ||
1058 | + struct SMTP *smtp = data->req.p.smtp; | ||
1059 | struct pingpong *pp = &conn->proto.smtpc.pp; | ||
1060 | char *eob; | ||
1061 | ssize_t len; | ||
1062 | @@ -1442,7 +1442,7 @@ static CURLcode smtp_perform(struct connectdata *conn, bool *connected, | ||
1063 | /* This is SMTP and no proxy */ | ||
1064 | CURLcode result = CURLE_OK; | ||
1065 | struct Curl_easy *data = conn->data; | ||
1066 | - struct SMTP *smtp = data->req.protop; | ||
1067 | + struct SMTP *smtp = data->req.p.smtp; | ||
1068 | |||
1069 | DEBUGF(infof(conn->data, "DO phase starts\n")); | ||
1070 | |||
1071 | @@ -1550,7 +1550,7 @@ static CURLcode smtp_disconnect(struct connectdata *conn, bool dead_connection) | ||
1072 | /* Call this when the DO phase has completed */ | ||
1073 | static CURLcode smtp_dophase_done(struct connectdata *conn, bool connected) | ||
1074 | { | ||
1075 | - struct SMTP *smtp = conn->data->req.protop; | ||
1076 | + struct SMTP *smtp = conn->data->req.p.smtp; | ||
1077 | |||
1078 | (void)connected; | ||
1079 | |||
1080 | @@ -1703,7 +1703,7 @@ static CURLcode smtp_parse_custom_request(struct connectdata *conn) | ||
1081 | { | ||
1082 | CURLcode result = CURLE_OK; | ||
1083 | struct Curl_easy *data = conn->data; | ||
1084 | - struct SMTP *smtp = data->req.protop; | ||
1085 | + struct SMTP *smtp = data->req.p.smtp; | ||
1086 | const char *custom = data->set.str[STRING_CUSTOMREQUEST]; | ||
1087 | |||
1088 | /* URL decode the custom request */ | ||
1089 | @@ -1796,7 +1796,7 @@ CURLcode Curl_smtp_escape_eob(struct connectdata *conn, const ssize_t nread) | ||
1090 | ssize_t i; | ||
1091 | ssize_t si; | ||
1092 | struct Curl_easy *data = conn->data; | ||
1093 | - struct SMTP *smtp = data->req.protop; | ||
1094 | + struct SMTP *smtp = data->req.p.smtp; | ||
1095 | char *scratch = data->state.scratch; | ||
1096 | char *newscratch = NULL; | ||
1097 | char *oldscratch = NULL; | ||
1098 | diff --git a/lib/telnet.c b/lib/telnet.c | ||
1099 | index c3b58e5..1fc5af1 100644 | ||
1100 | --- a/lib/telnet.c | ||
1101 | +++ b/lib/telnet.c | ||
1102 | @@ -247,7 +247,7 @@ CURLcode init_telnet(struct connectdata *conn) | ||
1103 | if(!tn) | ||
1104 | return CURLE_OUT_OF_MEMORY; | ||
1105 | |||
1106 | - conn->data->req.protop = tn; /* make us known */ | ||
1107 | + conn->data->req.p.telnet = tn; /* make us known */ | ||
1108 | |||
1109 | tn->telrcv_state = CURL_TS_DATA; | ||
1110 | |||
1111 | @@ -292,7 +292,7 @@ CURLcode init_telnet(struct connectdata *conn) | ||
1112 | static void negotiate(struct connectdata *conn) | ||
1113 | { | ||
1114 | int i; | ||
1115 | - struct TELNET *tn = (struct TELNET *) conn->data->req.protop; | ||
1116 | + struct TELNET *tn = (struct TELNET *) conn->data->req.p.telnet; | ||
1117 | |||
1118 | for(i = 0; i < CURL_NTELOPTS; i++) { | ||
1119 | if(i == CURL_TELOPT_ECHO) | ||
1120 | @@ -365,7 +365,7 @@ static void send_negotiation(struct connectdata *conn, int cmd, int option) | ||
1121 | static | ||
1122 | void set_remote_option(struct connectdata *conn, int option, int newstate) | ||
1123 | { | ||
1124 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1125 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1126 | if(newstate == CURL_YES) { | ||
1127 | switch(tn->him[option]) { | ||
1128 | case CURL_NO: | ||
1129 | @@ -439,7 +439,7 @@ void set_remote_option(struct connectdata *conn, int option, int newstate) | ||
1130 | static | ||
1131 | void rec_will(struct connectdata *conn, int option) | ||
1132 | { | ||
1133 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1134 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1135 | switch(tn->him[option]) { | ||
1136 | case CURL_NO: | ||
1137 | if(tn->him_preferred[option] == CURL_YES) { | ||
1138 | @@ -487,7 +487,7 @@ void rec_will(struct connectdata *conn, int option) | ||
1139 | static | ||
1140 | void rec_wont(struct connectdata *conn, int option) | ||
1141 | { | ||
1142 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1143 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1144 | switch(tn->him[option]) { | ||
1145 | case CURL_NO: | ||
1146 | /* Already disabled */ | ||
1147 | @@ -529,7 +529,7 @@ void rec_wont(struct connectdata *conn, int option) | ||
1148 | static void | ||
1149 | set_local_option(struct connectdata *conn, int option, int newstate) | ||
1150 | { | ||
1151 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1152 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1153 | if(newstate == CURL_YES) { | ||
1154 | switch(tn->us[option]) { | ||
1155 | case CURL_NO: | ||
1156 | @@ -603,7 +603,7 @@ set_local_option(struct connectdata *conn, int option, int newstate) | ||
1157 | static | ||
1158 | void rec_do(struct connectdata *conn, int option) | ||
1159 | { | ||
1160 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1161 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1162 | switch(tn->us[option]) { | ||
1163 | case CURL_NO: | ||
1164 | if(tn->us_preferred[option] == CURL_YES) { | ||
1165 | @@ -663,7 +663,7 @@ void rec_do(struct connectdata *conn, int option) | ||
1166 | static | ||
1167 | void rec_dont(struct connectdata *conn, int option) | ||
1168 | { | ||
1169 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1170 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1171 | switch(tn->us[option]) { | ||
1172 | case CURL_NO: | ||
1173 | /* Already disabled */ | ||
1174 | @@ -822,7 +822,7 @@ static CURLcode check_telnet_options(struct connectdata *conn) | ||
1175 | char option_keyword[128] = ""; | ||
1176 | char option_arg[256] = ""; | ||
1177 | struct Curl_easy *data = conn->data; | ||
1178 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1179 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1180 | CURLcode result = CURLE_OK; | ||
1181 | int binary_option; | ||
1182 | |||
1183 | @@ -929,7 +929,7 @@ static void suboption(struct connectdata *conn) | ||
1184 | char varname[128] = ""; | ||
1185 | char varval[128] = ""; | ||
1186 | struct Curl_easy *data = conn->data; | ||
1187 | - struct TELNET *tn = (struct TELNET *)data->req.protop; | ||
1188 | + struct TELNET *tn = (struct TELNET *)data->req.p.telnet; | ||
1189 | |||
1190 | printsub(data, '<', (unsigned char *)tn->subbuffer, CURL_SB_LEN(tn) + 2); | ||
1191 | switch(CURL_SB_GET(tn)) { | ||
1192 | @@ -1004,7 +1004,7 @@ static void sendsuboption(struct connectdata *conn, int option) | ||
1193 | unsigned char *uc1, *uc2; | ||
1194 | |||
1195 | struct Curl_easy *data = conn->data; | ||
1196 | - struct TELNET *tn = (struct TELNET *)data->req.protop; | ||
1197 | + struct TELNET *tn = (struct TELNET *)data->req.p.telnet; | ||
1198 | |||
1199 | switch(option) { | ||
1200 | case CURL_TELOPT_NAWS: | ||
1201 | @@ -1062,7 +1062,7 @@ CURLcode telrcv(struct connectdata *conn, | ||
1202 | int in = 0; | ||
1203 | int startwrite = -1; | ||
1204 | struct Curl_easy *data = conn->data; | ||
1205 | - struct TELNET *tn = (struct TELNET *)data->req.protop; | ||
1206 | + struct TELNET *tn = (struct TELNET *)data->req.p.telnet; | ||
1207 | |||
1208 | #define startskipping() \ | ||
1209 | if(startwrite >= 0) { \ | ||
1210 | @@ -1280,7 +1280,7 @@ static CURLcode send_telnet_data(struct connectdata *conn, | ||
1211 | static CURLcode telnet_done(struct connectdata *conn, | ||
1212 | CURLcode status, bool premature) | ||
1213 | { | ||
1214 | - struct TELNET *tn = (struct TELNET *)conn->data->req.protop; | ||
1215 | + struct TELNET *tn = (struct TELNET *)conn->data->req.p.telnet; | ||
1216 | (void)status; /* unused */ | ||
1217 | (void)premature; /* not used */ | ||
1218 | |||
1219 | @@ -1290,7 +1290,7 @@ static CURLcode telnet_done(struct connectdata *conn, | ||
1220 | curl_slist_free_all(tn->telnet_vars); | ||
1221 | tn->telnet_vars = NULL; | ||
1222 | |||
1223 | - Curl_safefree(conn->data->req.protop); | ||
1224 | + Curl_safefree(conn->data->req.p.telnet); | ||
1225 | |||
1226 | return CURLE_OK; | ||
1227 | } | ||
1228 | @@ -1333,7 +1333,7 @@ static CURLcode telnet_do(struct connectdata *conn, bool *done) | ||
1229 | if(result) | ||
1230 | return result; | ||
1231 | |||
1232 | - tn = (struct TELNET *)data->req.protop; | ||
1233 | + tn = data->req.p.telnet; | ||
1234 | |||
1235 | result = check_telnet_options(conn); | ||
1236 | if(result) | ||
1237 | diff --git a/lib/transfer.c b/lib/transfer.c | ||
1238 | index a07c7af..4630609 100644 | ||
1239 | --- a/lib/transfer.c | ||
1240 | +++ b/lib/transfer.c | ||
1241 | @@ -167,7 +167,7 @@ CURLcode Curl_fillreadbuffer(struct connectdata *conn, size_t bytes, | ||
1242 | bool sending_http_headers = FALSE; | ||
1243 | |||
1244 | if(conn->handler->protocol&(PROTO_FAMILY_HTTP|CURLPROTO_RTSP)) { | ||
1245 | - const struct HTTP *http = data->req.protop; | ||
1246 | + const struct HTTP *http = data->req.p.http; | ||
1247 | |||
1248 | if(http->sending == HTTPSEND_REQUEST) | ||
1249 | /* We're sending the HTTP request headers, not the data. | ||
1250 | @@ -426,7 +426,7 @@ CURLcode Curl_readrewind(struct connectdata *conn) | ||
1251 | CURLOPT_HTTPPOST, call app to rewind | ||
1252 | */ | ||
1253 | if(conn->handler->protocol & PROTO_FAMILY_HTTP) { | ||
1254 | - struct HTTP *http = data->req.protop; | ||
1255 | + struct HTTP *http = data->req.p.http; | ||
1256 | |||
1257 | if(http->sendit) | ||
1258 | mimepart = http->sendit; | ||
1259 | @@ -1028,7 +1028,7 @@ static CURLcode readwrite_upload(struct Curl_easy *data, | ||
1260 | /* HTTP pollution, this should be written nicer to become more | ||
1261 | protocol agnostic. */ | ||
1262 | size_t fillcount; | ||
1263 | - struct HTTP *http = k->protop; | ||
1264 | + struct HTTP *http = k->p.http; | ||
1265 | |||
1266 | if((k->exp100 == EXP100_SENDING_REQUEST) && | ||
1267 | (http->sending == HTTPSEND_BODY)) { | ||
1268 | @@ -1853,7 +1853,7 @@ Curl_setup_transfer( | ||
1269 | { | ||
1270 | struct SingleRequest *k = &data->req; | ||
1271 | struct connectdata *conn = data->conn; | ||
1272 | - struct HTTP *http = data->req.protop; | ||
1273 | + struct HTTP *http = data->req.p.http; | ||
1274 | bool httpsending = ((conn->handler->protocol&PROTO_FAMILY_HTTP) && | ||
1275 | (http->sending == HTTPSEND_REQUEST)); | ||
1276 | DEBUGASSERT(conn != NULL); | ||
1277 | diff --git a/lib/url.c b/lib/url.c | ||
1278 | index 150667a..849d527 100644 | ||
1279 | --- a/lib/url.c | ||
1280 | +++ b/lib/url.c | ||
1281 | @@ -2060,7 +2060,7 @@ static CURLcode setup_connection_internals(struct connectdata *conn) | ||
1282 | |||
1283 | void Curl_free_request_state(struct Curl_easy *data) | ||
1284 | { | ||
1285 | - Curl_safefree(data->req.protop); | ||
1286 | + Curl_safefree(data->req.p.http); | ||
1287 | Curl_safefree(data->req.newurl); | ||
1288 | |||
1289 | #ifndef CURL_DISABLE_DOH | ||
1290 | diff --git a/lib/urldata.h b/lib/urldata.h | ||
1291 | index 0ae9269..76baee3 100644 | ||
1292 | --- a/lib/urldata.h | ||
1293 | +++ b/lib/urldata.h | ||
1294 | @@ -645,8 +645,23 @@ struct SingleRequest { | ||
1295 | and the 'upload_present' contains the number of bytes available at this | ||
1296 | position */ | ||
1297 | char *upload_fromhere; | ||
1298 | - void *protop; /* Allocated protocol-specific data. Each protocol | ||
1299 | - handler makes sure this points to data it needs. */ | ||
1300 | + | ||
1301 | + /* Allocated protocol-specific data. Each protocol handler makes sure this | ||
1302 | + points to data it needs. */ | ||
1303 | + union { | ||
1304 | + struct FILEPROTO *file; | ||
1305 | + struct FTP *ftp; | ||
1306 | + struct HTTP *http; | ||
1307 | + struct IMAP *imap; | ||
1308 | + struct ldapreqinfo *ldap; | ||
1309 | + struct MQTT *mqtt; | ||
1310 | + struct POP3 *pop3; | ||
1311 | + struct RTSP *rtsp; | ||
1312 | + struct smb_request *smb; | ||
1313 | + struct SMTP *smtp; | ||
1314 | + struct SSHPROTO *ssh; | ||
1315 | + struct TELNET *telnet; | ||
1316 | + } p; | ||
1317 | #ifndef CURL_DISABLE_DOH | ||
1318 | struct dohdata doh; /* DoH specific data for this request */ | ||
1319 | #endif | ||
1320 | diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c | ||
1321 | index 20ee08d..18eeda8 100644 | ||
1322 | --- a/lib/vquic/ngtcp2.c | ||
1323 | +++ b/lib/vquic/ngtcp2.c | ||
1324 | @@ -962,7 +962,7 @@ static int cb_h3_stream_close(nghttp3_conn *conn, int64_t stream_id, | ||
1325 | void *stream_user_data) | ||
1326 | { | ||
1327 | struct Curl_easy *data = stream_user_data; | ||
1328 | - struct HTTP *stream = data->req.protop; | ||
1329 | + struct HTTP *stream = data->req.p.http; | ||
1330 | (void)conn; | ||
1331 | (void)stream_id; | ||
1332 | (void)app_error_code; | ||
1333 | @@ -1008,7 +1008,7 @@ static int cb_h3_recv_data(nghttp3_conn *conn, int64_t stream_id, | ||
1334 | void *user_data, void *stream_user_data) | ||
1335 | { | ||
1336 | struct Curl_easy *data = stream_user_data; | ||
1337 | - struct HTTP *stream = data->req.protop; | ||
1338 | + struct HTTP *stream = data->req.p.http; | ||
1339 | CURLcode result = CURLE_OK; | ||
1340 | (void)conn; | ||
1341 | |||
1342 | @@ -1067,7 +1067,7 @@ static int cb_h3_end_headers(nghttp3_conn *conn, int64_t stream_id, | ||
1343 | void *user_data, void *stream_user_data) | ||
1344 | { | ||
1345 | struct Curl_easy *data = stream_user_data; | ||
1346 | - struct HTTP *stream = data->req.protop; | ||
1347 | + struct HTTP *stream = data->req.p.http; | ||
1348 | CURLcode result = CURLE_OK; | ||
1349 | (void)conn; | ||
1350 | (void)stream_id; | ||
1351 | @@ -1091,7 +1091,7 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t stream_id, | ||
1352 | nghttp3_vec h3name = nghttp3_rcbuf_get_buf(name); | ||
1353 | nghttp3_vec h3val = nghttp3_rcbuf_get_buf(value); | ||
1354 | struct Curl_easy *data = stream_user_data; | ||
1355 | - struct HTTP *stream = data->req.protop; | ||
1356 | + struct HTTP *stream = data->req.p.http; | ||
1357 | CURLcode result = CURLE_OK; | ||
1358 | (void)conn; | ||
1359 | (void)stream_id; | ||
1360 | @@ -1255,7 +1255,7 @@ static ssize_t ngh3_stream_recv(struct connectdata *conn, | ||
1361 | CURLcode *curlcode) | ||
1362 | { | ||
1363 | curl_socket_t sockfd = conn->sock[sockindex]; | ||
1364 | - struct HTTP *stream = conn->data->req.protop; | ||
1365 | + struct HTTP *stream = conn->data->req.p.http; | ||
1366 | struct quicsocket *qs = conn->quic; | ||
1367 | |||
1368 | if(!stream->memlen) { | ||
1369 | @@ -1313,7 +1313,7 @@ static int cb_h3_acked_stream_data(nghttp3_conn *conn, int64_t stream_id, | ||
1370 | void *stream_user_data) | ||
1371 | { | ||
1372 | struct Curl_easy *data = stream_user_data; | ||
1373 | - struct HTTP *stream = data->req.protop; | ||
1374 | + struct HTTP *stream = data->req.p.http; | ||
1375 | (void)conn; | ||
1376 | (void)stream_id; | ||
1377 | (void)user_data; | ||
1378 | @@ -1335,7 +1335,7 @@ static ssize_t cb_h3_readfunction(nghttp3_conn *conn, int64_t stream_id, | ||
1379 | { | ||
1380 | struct Curl_easy *data = stream_user_data; | ||
1381 | size_t nread; | ||
1382 | - struct HTTP *stream = data->req.protop; | ||
1383 | + struct HTTP *stream = data->req.p.http; | ||
1384 | (void)conn; | ||
1385 | (void)stream_id; | ||
1386 | (void)user_data; | ||
1387 | @@ -1398,7 +1398,7 @@ static ssize_t cb_h3_readfunction(nghttp3_conn *conn, int64_t stream_id, | ||
1388 | static CURLcode http_request(struct connectdata *conn, const void *mem, | ||
1389 | size_t len) | ||
1390 | { | ||
1391 | - struct HTTP *stream = conn->data->req.protop; | ||
1392 | + struct HTTP *stream = conn->data->req.p.http; | ||
1393 | size_t nheader; | ||
1394 | size_t i; | ||
1395 | size_t authority_idx; | ||
1396 | @@ -1641,7 +1641,7 @@ static ssize_t ngh3_stream_send(struct connectdata *conn, | ||
1397 | ssize_t sent; | ||
1398 | struct quicsocket *qs = conn->quic; | ||
1399 | curl_socket_t sockfd = conn->sock[sockindex]; | ||
1400 | - struct HTTP *stream = conn->data->req.protop; | ||
1401 | + struct HTTP *stream = conn->data->req.p.http; | ||
1402 | |||
1403 | if(!stream->h3req) { | ||
1404 | CURLcode result = http_request(conn, mem, len); | ||
1405 | @@ -1909,7 +1909,7 @@ CURLcode Curl_quic_done_sending(struct connectdata *conn) | ||
1406 | { | ||
1407 | if(conn->handler == &Curl_handler_http3) { | ||
1408 | /* only for HTTP/3 transfers */ | ||
1409 | - struct HTTP *stream = conn->data->req.protop; | ||
1410 | + struct HTTP *stream = conn->data->req.p.http; | ||
1411 | struct quicsocket *qs = conn->quic; | ||
1412 | stream->upload_done = TRUE; | ||
1413 | (void)nghttp3_conn_resume_stream(qs->h3conn, stream->stream3_id); | ||
1414 | @@ -1926,7 +1926,7 @@ void Curl_quic_done(struct Curl_easy *data, bool premature) | ||
1415 | (void)premature; | ||
1416 | if(data->conn->handler == &Curl_handler_http3) { | ||
1417 | /* only for HTTP/3 transfers */ | ||
1418 | - struct HTTP *stream = data->req.protop; | ||
1419 | + struct HTTP *stream = data->req.p.http; | ||
1420 | Curl_dyn_free(&stream->overflow); | ||
1421 | } | ||
1422 | } | ||
1423 | @@ -1941,7 +1941,7 @@ bool Curl_quic_data_pending(const struct Curl_easy *data) | ||
1424 | buffer and allocated an overflow buffer. Since it's possible that | ||
1425 | there's no more data coming on the socket, we need to keep reading | ||
1426 | until the overflow buffer is empty. */ | ||
1427 | - const struct HTTP *stream = data->req.protop; | ||
1428 | + const struct HTTP *stream = data->req.p.http; | ||
1429 | return Curl_dyn_len(&stream->overflow) > 0; | ||
1430 | } | ||
1431 | |||
1432 | diff --git a/lib/vquic/quiche.c b/lib/vquic/quiche.c | ||
1433 | index fd9cb8b..c0e250d 100644 | ||
1434 | --- a/lib/vquic/quiche.c | ||
1435 | +++ b/lib/vquic/quiche.c | ||
1436 | @@ -131,7 +131,7 @@ static unsigned int quiche_conncheck(struct connectdata *conn, | ||
1437 | |||
1438 | static CURLcode quiche_do(struct connectdata *conn, bool *done) | ||
1439 | { | ||
1440 | - struct HTTP *stream = conn->data->req.protop; | ||
1441 | + struct HTTP *stream = conn->data->req.p.http; | ||
1442 | stream->h3req = FALSE; /* not sent */ | ||
1443 | return Curl_http(conn, done); | ||
1444 | } | ||
1445 | @@ -460,7 +460,7 @@ static ssize_t h3_stream_recv(struct connectdata *conn, | ||
1446 | int rc; | ||
1447 | struct h3h1header headers; | ||
1448 | struct Curl_easy *data = conn->data; | ||
1449 | - struct HTTP *stream = data->req.protop; | ||
1450 | + struct HTTP *stream = data->req.p.http; | ||
1451 | headers.dest = buf; | ||
1452 | headers.destlen = buffersize; | ||
1453 | headers.nlen = 0; | ||
1454 | @@ -548,7 +548,7 @@ static ssize_t h3_stream_send(struct connectdata *conn, | ||
1455 | ssize_t sent; | ||
1456 | struct quicsocket *qs = conn->quic; | ||
1457 | curl_socket_t sockfd = conn->sock[sockindex]; | ||
1458 | - struct HTTP *stream = conn->data->req.protop; | ||
1459 | + struct HTTP *stream = conn->data->req.p.http; | ||
1460 | |||
1461 | if(!stream->h3req) { | ||
1462 | CURLcode result = http_request(conn, mem, len); | ||
1463 | @@ -596,7 +596,7 @@ static CURLcode http_request(struct connectdata *conn, const void *mem, | ||
1464 | { | ||
1465 | /* | ||
1466 | */ | ||
1467 | - struct HTTP *stream = conn->data->req.protop; | ||
1468 | + struct HTTP *stream = conn->data->req.p.http; | ||
1469 | size_t nheader; | ||
1470 | size_t i; | ||
1471 | size_t authority_idx; | ||
1472 | @@ -824,7 +824,7 @@ CURLcode Curl_quic_done_sending(struct connectdata *conn) | ||
1473 | if(conn->handler == &Curl_handler_http3) { | ||
1474 | /* only for HTTP/3 transfers */ | ||
1475 | ssize_t sent; | ||
1476 | - struct HTTP *stream = conn->data->req.protop; | ||
1477 | + struct HTTP *stream = conn->data->req.p.http; | ||
1478 | struct quicsocket *qs = conn->quic; | ||
1479 | fprintf(stderr, "!!! Curl_quic_done_sending\n"); | ||
1480 | stream->upload_done = TRUE; | ||
1481 | diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c | ||
1482 | index 8988e23..a84e1bf 100644 | ||
1483 | --- a/lib/vssh/libssh.c | ||
1484 | +++ b/lib/vssh/libssh.c | ||
1485 | @@ -662,7 +662,7 @@ static CURLcode myssh_statemach_act(struct connectdata *conn, bool *block) | ||
1486 | { | ||
1487 | CURLcode result = CURLE_OK; | ||
1488 | struct Curl_easy *data = conn->data; | ||
1489 | - struct SSHPROTO *protop = data->req.protop; | ||
1490 | + struct SSHPROTO *protop = data->req.p.ssh; | ||
1491 | struct ssh_conn *sshc = &conn->proto.sshc; | ||
1492 | curl_socket_t sock = conn->sock[FIRSTSOCKET]; | ||
1493 | int rc = SSH_NO_ERROR, err; | ||
1494 | @@ -2129,7 +2129,7 @@ static CURLcode myssh_setup_connection(struct connectdata *conn) | ||
1495 | { | ||
1496 | struct SSHPROTO *ssh; | ||
1497 | |||
1498 | - conn->data->req.protop = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1499 | + conn->data->req.p.ssh = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1500 | if(!ssh) | ||
1501 | return CURLE_OUT_OF_MEMORY; | ||
1502 | |||
1503 | @@ -2152,7 +2152,7 @@ static CURLcode myssh_connect(struct connectdata *conn, bool *done) | ||
1504 | int rc; | ||
1505 | |||
1506 | /* initialize per-handle data if not already */ | ||
1507 | - if(!data->req.protop) | ||
1508 | + if(!data->req.p.ssh) | ||
1509 | myssh_setup_connection(conn); | ||
1510 | |||
1511 | /* We default to persistent connections. We set this already in this connect | ||
1512 | @@ -2353,7 +2353,7 @@ static CURLcode scp_disconnect(struct connectdata *conn, | ||
1513 | static CURLcode myssh_done(struct connectdata *conn, CURLcode status) | ||
1514 | { | ||
1515 | CURLcode result = CURLE_OK; | ||
1516 | - struct SSHPROTO *protop = conn->data->req.protop; | ||
1517 | + struct SSHPROTO *protop = conn->data->req.p.ssh; | ||
1518 | |||
1519 | if(!status) { | ||
1520 | /* run the state-machine */ | ||
1521 | @@ -2606,7 +2606,7 @@ static void sftp_quote(struct connectdata *conn) | ||
1522 | { | ||
1523 | const char *cp; | ||
1524 | struct Curl_easy *data = conn->data; | ||
1525 | - struct SSHPROTO *protop = data->req.protop; | ||
1526 | + struct SSHPROTO *protop = data->req.p.ssh; | ||
1527 | struct ssh_conn *sshc = &conn->proto.sshc; | ||
1528 | CURLcode result; | ||
1529 | |||
1530 | diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c | ||
1531 | index 4f56bb4..3ed777f 100644 | ||
1532 | --- a/lib/vssh/libssh2.c | ||
1533 | +++ b/lib/vssh/libssh2.c | ||
1534 | @@ -789,7 +789,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block) | ||
1535 | { | ||
1536 | CURLcode result = CURLE_OK; | ||
1537 | struct Curl_easy *data = conn->data; | ||
1538 | - struct SSHPROTO *sftp_scp = data->req.protop; | ||
1539 | + struct SSHPROTO *sftp_scp = data->req.p.ssh; | ||
1540 | struct ssh_conn *sshc = &conn->proto.sshc; | ||
1541 | curl_socket_t sock = conn->sock[FIRSTSOCKET]; | ||
1542 | int rc = LIBSSH2_ERROR_NONE; | ||
1543 | @@ -2989,7 +2989,7 @@ static CURLcode ssh_setup_connection(struct connectdata *conn) | ||
1544 | { | ||
1545 | struct SSHPROTO *ssh; | ||
1546 | |||
1547 | - conn->data->req.protop = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1548 | + conn->data->req.p.ssh = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1549 | if(!ssh) | ||
1550 | return CURLE_OUT_OF_MEMORY; | ||
1551 | |||
1552 | @@ -3013,7 +3013,7 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done) | ||
1553 | struct Curl_easy *data = conn->data; | ||
1554 | |||
1555 | /* initialize per-handle data if not already */ | ||
1556 | - if(!data->req.protop) | ||
1557 | + if(!data->req.p.ssh) | ||
1558 | ssh_setup_connection(conn); | ||
1559 | |||
1560 | /* We default to persistent connections. We set this already in this connect | ||
1561 | @@ -3192,7 +3192,7 @@ static CURLcode scp_disconnect(struct connectdata *conn, bool dead_connection) | ||
1562 | static CURLcode ssh_done(struct connectdata *conn, CURLcode status) | ||
1563 | { | ||
1564 | CURLcode result = CURLE_OK; | ||
1565 | - struct SSHPROTO *sftp_scp = conn->data->req.protop; | ||
1566 | + struct SSHPROTO *sftp_scp = conn->data->req.p.ssh; | ||
1567 | |||
1568 | if(!status) { | ||
1569 | /* run the state-machine */ | ||
1570 | diff --git a/lib/vssh/wolfssh.c b/lib/vssh/wolfssh.c | ||
1571 | index dcbbab6..1b990e3 100644 | ||
1572 | --- a/lib/vssh/wolfssh.c | ||
1573 | +++ b/lib/vssh/wolfssh.c | ||
1574 | @@ -322,7 +322,7 @@ static CURLcode wssh_setup_connection(struct connectdata *conn) | ||
1575 | { | ||
1576 | struct SSHPROTO *ssh; | ||
1577 | |||
1578 | - conn->data->req.protop = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1579 | + conn->data->req.p.ssh = ssh = calloc(1, sizeof(struct SSHPROTO)); | ||
1580 | if(!ssh) | ||
1581 | return CURLE_OUT_OF_MEMORY; | ||
1582 | |||
1583 | @@ -356,7 +356,7 @@ static CURLcode wssh_connect(struct connectdata *conn, bool *done) | ||
1584 | int rc; | ||
1585 | |||
1586 | /* initialize per-handle data if not already */ | ||
1587 | - if(!data->req.protop) | ||
1588 | + if(!data->req.p.ssh) | ||
1589 | wssh_setup_connection(conn); | ||
1590 | |||
1591 | /* We default to persistent connections. We set this already in this connect | ||
1592 | @@ -429,7 +429,7 @@ static CURLcode wssh_statemach_act(struct connectdata *conn, bool *block) | ||
1593 | CURLcode result = CURLE_OK; | ||
1594 | struct ssh_conn *sshc = &conn->proto.sshc; | ||
1595 | struct Curl_easy *data = conn->data; | ||
1596 | - struct SSHPROTO *sftp_scp = data->req.protop; | ||
1597 | + struct SSHPROTO *sftp_scp = data->req.p.ssh; | ||
1598 | WS_SFTPNAME *name; | ||
1599 | int rc = 0; | ||
1600 | *block = FALSE; /* we're not blocking by default */ | ||
1601 | @@ -1027,7 +1027,7 @@ static CURLcode wssh_block_statemach(struct connectdata *conn, | ||
1602 | static CURLcode wssh_done(struct connectdata *conn, CURLcode status) | ||
1603 | { | ||
1604 | CURLcode result = CURLE_OK; | ||
1605 | - struct SSHPROTO *sftp_scp = conn->data->req.protop; | ||
1606 | + struct SSHPROTO *sftp_scp = conn->data->req.p.ssh; | ||
1607 | |||
1608 | if(!status) { | ||
1609 | /* run the state-machine */ | ||
diff --git a/meta/recipes-support/curl/curl/CVE-2020-8284.patch b/meta/recipes-support/curl/curl/CVE-2020-8284.patch new file mode 100644 index 0000000000..4ae514ffa8 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2020-8284.patch | |||
@@ -0,0 +1,210 @@ | |||
1 | From ec9cc725d598ac77de7b6df8afeec292b3c8ad46 Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Tue, 24 Nov 2020 14:56:57 +0100 | ||
4 | Subject: [PATCH] ftp: CURLOPT_FTP_SKIP_PASV_IP by default | ||
5 | |||
6 | The command line tool also independently sets --ftp-skip-pasv-ip by | ||
7 | default. | ||
8 | |||
9 | Ten test cases updated to adapt the modified --libcurl output. | ||
10 | |||
11 | Bug: https://curl.se/docs/CVE-2020-8284.html | ||
12 | CVE-2020-8284 | ||
13 | |||
14 | Reported-by: Varnavas Papaioannou | ||
15 | |||
16 | Upstream-Status: Backport [https://github.com/curl/curl/commit/ec9cc725d598ac] | ||
17 | |||
18 | CVE: CVE-2020-8284 | ||
19 | |||
20 | Signed-off-by: Daniel Stenberg <daniel@haxx.se> | ||
21 | Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | ||
22 | --- | ||
23 | docs/cmdline-opts/ftp-skip-pasv-ip.d | 2 ++ | ||
24 | docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | 8 +++++--- | ||
25 | lib/url.c | 1 + | ||
26 | src/tool_cfgable.c | 1 + | ||
27 | tests/data/test1400 | 1 + | ||
28 | tests/data/test1401 | 1 + | ||
29 | tests/data/test1402 | 1 + | ||
30 | tests/data/test1403 | 1 + | ||
31 | tests/data/test1404 | 1 + | ||
32 | tests/data/test1405 | 1 + | ||
33 | tests/data/test1406 | 1 + | ||
34 | tests/data/test1407 | 1 + | ||
35 | tests/data/test1420 | 1 + | ||
36 | 14 files changed, 18 insertions(+), 3 deletions(-) | ||
37 | |||
38 | diff --git a/docs/cmdline-opts/ftp-skip-pasv-ip.d b/docs/cmdline-opts/ftp-skip-pasv-ip.d | ||
39 | index d6fd4589b1e..bcf4e7e62f2 100644 | ||
40 | --- a/docs/cmdline-opts/ftp-skip-pasv-ip.d | ||
41 | +++ b/docs/cmdline-opts/ftp-skip-pasv-ip.d | ||
42 | @@ -10,4 +10,6 @@ to curl's PASV command when curl connects the data connection. Instead curl | ||
43 | will re-use the same IP address it already uses for the control | ||
44 | connection. | ||
45 | |||
46 | +Since curl 7.74.0 this option is enabled by default. | ||
47 | + | ||
48 | This option has no effect if PORT, EPRT or EPSV is used instead of PASV. | ||
49 | diff --git a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | ||
50 | index d6217d0d8ca..fa87ddce769 100644 | ||
51 | --- a/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | ||
52 | +++ b/docs/libcurl/opts/CURLOPT_FTP_SKIP_PASV_IP.3 | ||
53 | @@ -5,7 +5,7 @@ | ||
54 | .\" * | (__| |_| | _ <| |___ | ||
55 | .\" * \___|\___/|_| \_\_____| | ||
56 | .\" * | ||
57 | -.\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. | ||
58 | +.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. | ||
59 | .\" * | ||
60 | .\" * This software is licensed as described in the file COPYING, which | ||
61 | .\" * you should have received as part of this distribution. The terms | ||
62 | @@ -35,11 +35,13 @@ address it already uses for the control connection. But it will use the port | ||
63 | number from the 227-response. | ||
64 | |||
65 | This option thus allows libcurl to work around broken server installations | ||
66 | -that due to NATs, firewalls or incompetence report the wrong IP address back. | ||
67 | +that due to NATs, firewalls or incompetence report the wrong IP address | ||
68 | +back. Setting the option also reduces the risk for various sorts of client | ||
69 | +abuse by malicious servers. | ||
70 | |||
71 | This option has no effect if PORT, EPRT or EPSV is used instead of PASV. | ||
72 | .SH DEFAULT | ||
73 | -0 | ||
74 | +1 since 7.74.0, was 0 before then. | ||
75 | .SH PROTOCOLS | ||
76 | FTP | ||
77 | .SH EXAMPLE | ||
78 | diff --git a/lib/url.c b/lib/url.c | ||
79 | index f8b2a0030de..2b0ba87ba87 100644 | ||
80 | --- a/lib/url.c | ||
81 | +++ b/lib/url.c | ||
82 | @@ -497,6 +497,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) | ||
83 | set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */ | ||
84 | set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */ | ||
85 | set->ftp_filemethod = FTPFILE_MULTICWD; | ||
86 | + set->ftp_skip_ip = TRUE; /* skip PASV IP by default */ | ||
87 | #endif | ||
88 | set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */ | ||
89 | |||
90 | diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c | ||
91 | index c52d8e1c6bb..4c06d3557b7 100644 | ||
92 | --- a/src/tool_cfgable.c | ||
93 | +++ b/src/tool_cfgable.c | ||
94 | @@ -44,6 +44,7 @@ void config_init(struct OperationConfig *config) | ||
95 | config->tcp_nodelay = TRUE; /* enabled by default */ | ||
96 | config->happy_eyeballs_timeout_ms = CURL_HET_DEFAULT; | ||
97 | config->http09_allowed = FALSE; | ||
98 | + config->ftp_skip_ip = TRUE; | ||
99 | } | ||
100 | |||
101 | static void free_config_fields(struct OperationConfig *config) | ||
102 | diff --git a/tests/data/test1400 b/tests/data/test1400 | ||
103 | index 812ad0b88d9..b7060eca58e 100644 | ||
104 | --- a/tests/data/test1400 | ||
105 | +++ b/tests/data/test1400 | ||
106 | @@ -73,6 +73,7 @@ int main(int argc, char *argv[]) | ||
107 | curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped"); | ||
108 | curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); | ||
109 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
110 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
111 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
112 | |||
113 | /* Here is a list of options the curl code used that cannot get generated | ||
114 | diff --git a/tests/data/test1401 b/tests/data/test1401 | ||
115 | index f93b3d637de..a2629683aff 100644 | ||
116 | --- a/tests/data/test1401 | ||
117 | +++ b/tests/data/test1401 | ||
118 | @@ -87,6 +87,7 @@ int main(int argc, char *argv[]) | ||
119 | curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); | ||
120 | curl_easy_setopt(hnd, CURLOPT_COOKIE, "chocolate=chip"); | ||
121 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
122 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
123 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
124 | curl_easy_setopt(hnd, CURLOPT_PROTOCOLS, (long)CURLPROTO_FILE | | ||
125 | (long)CURLPROTO_FTP | | ||
126 | diff --git a/tests/data/test1402 b/tests/data/test1402 | ||
127 | index 7593c516da1..1bd55cb4e3b 100644 | ||
128 | --- a/tests/data/test1402 | ||
129 | +++ b/tests/data/test1402 | ||
130 | @@ -78,6 +78,7 @@ int main(int argc, char *argv[]) | ||
131 | curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped"); | ||
132 | curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); | ||
133 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
134 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
135 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
136 | |||
137 | /* Here is a list of options the curl code used that cannot get generated | ||
138 | diff --git a/tests/data/test1403 b/tests/data/test1403 | ||
139 | index ecb4dd3dcab..a7c9fcca322 100644 | ||
140 | --- a/tests/data/test1403 | ||
141 | +++ b/tests/data/test1403 | ||
142 | @@ -73,6 +73,7 @@ int main(int argc, char *argv[]) | ||
143 | curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped"); | ||
144 | curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); | ||
145 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
146 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
147 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
148 | |||
149 | /* Here is a list of options the curl code used that cannot get generated | ||
150 | diff --git a/tests/data/test1404 b/tests/data/test1404 | ||
151 | index 97622b63948..1d8e8cf7779 100644 | ||
152 | --- a/tests/data/test1404 | ||
153 | +++ b/tests/data/test1404 | ||
154 | @@ -147,6 +147,7 @@ int main(int argc, char *argv[]) | ||
155 | curl_easy_setopt(hnd, CURLOPT_USERAGENT, "stripped"); | ||
156 | curl_easy_setopt(hnd, CURLOPT_MAXREDIRS, 50L); | ||
157 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
158 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
159 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
160 | |||
161 | /* Here is a list of options the curl code used that cannot get generated | ||
162 | diff --git a/tests/data/test1405 b/tests/data/test1405 | ||
163 | index 2bac79eda74..b4087704f7b 100644 | ||
164 | --- a/tests/data/test1405 | ||
165 | +++ b/tests/data/test1405 | ||
166 | @@ -89,6 +89,7 @@ int main(int argc, char *argv[]) | ||
167 | curl_easy_setopt(hnd, CURLOPT_POSTQUOTE, slist2); | ||
168 | curl_easy_setopt(hnd, CURLOPT_PREQUOTE, slist3); | ||
169 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
170 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
171 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
172 | |||
173 | /* Here is a list of options the curl code used that cannot get generated | ||
174 | diff --git a/tests/data/test1406 b/tests/data/test1406 | ||
175 | index 51a166adff2..38f68d11ee1 100644 | ||
176 | --- a/tests/data/test1406 | ||
177 | +++ b/tests/data/test1406 | ||
178 | @@ -79,6 +79,7 @@ int main(int argc, char *argv[]) | ||
179 | curl_easy_setopt(hnd, CURLOPT_URL, "smtp://%HOSTIP:%SMTPPORT/1406"); | ||
180 | curl_easy_setopt(hnd, CURLOPT_UPLOAD, 1L); | ||
181 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
182 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
183 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
184 | curl_easy_setopt(hnd, CURLOPT_MAIL_FROM, "sender@example.com"); | ||
185 | curl_easy_setopt(hnd, CURLOPT_MAIL_RCPT, slist1); | ||
186 | diff --git a/tests/data/test1407 b/tests/data/test1407 | ||
187 | index f6879008fb2..a7e13ba7585 100644 | ||
188 | --- a/tests/data/test1407 | ||
189 | +++ b/tests/data/test1407 | ||
190 | @@ -62,6 +62,7 @@ int main(int argc, char *argv[]) | ||
191 | curl_easy_setopt(hnd, CURLOPT_DIRLISTONLY, 1L); | ||
192 | curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret"); | ||
193 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
194 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
195 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
196 | |||
197 | /* Here is a list of options the curl code used that cannot get generated | ||
198 | diff --git a/tests/data/test1420 b/tests/data/test1420 | ||
199 | index 057ecc4773a..4b8d7bbf418 100644 | ||
200 | --- a/tests/data/test1420 | ||
201 | +++ b/tests/data/test1420 | ||
202 | @@ -67,6 +67,7 @@ int main(int argc, char *argv[]) | ||
203 | curl_easy_setopt(hnd, CURLOPT_URL, "imap://%HOSTIP:%IMAPPORT/1420/;MAILINDEX=1"); | ||
204 | curl_easy_setopt(hnd, CURLOPT_USERPWD, "user:secret"); | ||
205 | curl_easy_setopt(hnd, CURLOPT_VERBOSE, 1L); | ||
206 | + curl_easy_setopt(hnd, CURLOPT_FTP_SKIP_PASV_IP, 1L); | ||
207 | curl_easy_setopt(hnd, CURLOPT_TCP_KEEPALIVE, 1L); | ||
208 | |||
209 | /* Here is a list of options the curl code used that cannot get generated | ||
210 | |||
diff --git a/meta/recipes-support/curl/curl/CVE-2020-8285.patch b/meta/recipes-support/curl/curl/CVE-2020-8285.patch new file mode 100644 index 0000000000..8a0231ba84 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2020-8285.patch | |||
@@ -0,0 +1,257 @@ | |||
1 | From 69a358f2186e04cf44698b5100332cbf1ee7f01d Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Sat, 28 Nov 2020 00:27:21 +0100 | ||
4 | Subject: [PATCH] ftp: make wc_statemach loop instead of recurse | ||
5 | |||
6 | CVE-2020-8285 | ||
7 | |||
8 | Fixes #6255 | ||
9 | Bug: https://curl.se/docs/CVE-2020-8285.html | ||
10 | Reported-by: xnynx on github | ||
11 | |||
12 | Upstream-Status: Backport [https://github.com/curl/curl/commit/69a358f2186e04] | ||
13 | |||
14 | CVE: CVE-2020-8285 | ||
15 | |||
16 | Signed-off-by: Daniel Stenberg <daniel@haxx.se> | ||
17 | Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | ||
18 | --- | ||
19 | lib/ftp.c | 202 +++++++++++++++++++++++++++--------------------------- | ||
20 | 1 file changed, 102 insertions(+), 100 deletions(-) | ||
21 | |||
22 | diff --git a/lib/ftp.c b/lib/ftp.c | ||
23 | index 50e7d7ddac9..bc355742172 100644 | ||
24 | --- a/lib/ftp.c | ||
25 | +++ b/lib/ftp.c | ||
26 | @@ -3800,129 +3800,131 @@ static CURLcode init_wc_data(struct connectdata *conn) | ||
27 | return result; | ||
28 | } | ||
29 | |||
30 | -/* This is called recursively */ | ||
31 | static CURLcode wc_statemach(struct connectdata *conn) | ||
32 | { | ||
33 | struct WildcardData * const wildcard = &(conn->data->wildcard); | ||
34 | CURLcode result = CURLE_OK; | ||
35 | |||
36 | - switch(wildcard->state) { | ||
37 | - case CURLWC_INIT: | ||
38 | - result = init_wc_data(conn); | ||
39 | - if(wildcard->state == CURLWC_CLEAN) | ||
40 | - /* only listing! */ | ||
41 | - break; | ||
42 | - wildcard->state = result ? CURLWC_ERROR : CURLWC_MATCHING; | ||
43 | - break; | ||
44 | + for(;;) { | ||
45 | + switch(wildcard->state) { | ||
46 | + case CURLWC_INIT: | ||
47 | + result = init_wc_data(conn); | ||
48 | + if(wildcard->state == CURLWC_CLEAN) | ||
49 | + /* only listing! */ | ||
50 | + return result; | ||
51 | + wildcard->state = result ? CURLWC_ERROR : CURLWC_MATCHING; | ||
52 | + return result; | ||
53 | |||
54 | - case CURLWC_MATCHING: { | ||
55 | - /* In this state is LIST response successfully parsed, so lets restore | ||
56 | - previous WRITEFUNCTION callback and WRITEDATA pointer */ | ||
57 | - struct ftp_wc *ftpwc = wildcard->protdata; | ||
58 | - conn->data->set.fwrite_func = ftpwc->backup.write_function; | ||
59 | - conn->data->set.out = ftpwc->backup.file_descriptor; | ||
60 | - ftpwc->backup.write_function = ZERO_NULL; | ||
61 | - ftpwc->backup.file_descriptor = NULL; | ||
62 | - wildcard->state = CURLWC_DOWNLOADING; | ||
63 | - | ||
64 | - if(Curl_ftp_parselist_geterror(ftpwc->parser)) { | ||
65 | - /* error found in LIST parsing */ | ||
66 | - wildcard->state = CURLWC_CLEAN; | ||
67 | - return wc_statemach(conn); | ||
68 | - } | ||
69 | - if(wildcard->filelist.size == 0) { | ||
70 | - /* no corresponding file */ | ||
71 | - wildcard->state = CURLWC_CLEAN; | ||
72 | - return CURLE_REMOTE_FILE_NOT_FOUND; | ||
73 | + case CURLWC_MATCHING: { | ||
74 | + /* In this state is LIST response successfully parsed, so lets restore | ||
75 | + previous WRITEFUNCTION callback and WRITEDATA pointer */ | ||
76 | + struct ftp_wc *ftpwc = wildcard->protdata; | ||
77 | + conn->data->set.fwrite_func = ftpwc->backup.write_function; | ||
78 | + conn->data->set.out = ftpwc->backup.file_descriptor; | ||
79 | + ftpwc->backup.write_function = ZERO_NULL; | ||
80 | + ftpwc->backup.file_descriptor = NULL; | ||
81 | + wildcard->state = CURLWC_DOWNLOADING; | ||
82 | + | ||
83 | + if(Curl_ftp_parselist_geterror(ftpwc->parser)) { | ||
84 | + /* error found in LIST parsing */ | ||
85 | + wildcard->state = CURLWC_CLEAN; | ||
86 | + continue; | ||
87 | + } | ||
88 | + if(wildcard->filelist.size == 0) { | ||
89 | + /* no corresponding file */ | ||
90 | + wildcard->state = CURLWC_CLEAN; | ||
91 | + return CURLE_REMOTE_FILE_NOT_FOUND; | ||
92 | + } | ||
93 | + continue; | ||
94 | } | ||
95 | - return wc_statemach(conn); | ||
96 | - } | ||
97 | |||
98 | - case CURLWC_DOWNLOADING: { | ||
99 | - /* filelist has at least one file, lets get first one */ | ||
100 | - struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
101 | - struct curl_fileinfo *finfo = wildcard->filelist.head->ptr; | ||
102 | - struct FTP *ftp = conn->data->req.p.ftp; | ||
103 | + case CURLWC_DOWNLOADING: { | ||
104 | + /* filelist has at least one file, lets get first one */ | ||
105 | + struct ftp_conn *ftpc = &conn->proto.ftpc; | ||
106 | + struct curl_fileinfo *finfo = wildcard->filelist.head->ptr; | ||
107 | + struct FTP *ftp = conn->data->req.p.ftp; | ||
108 | |||
109 | - char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename); | ||
110 | - if(!tmp_path) | ||
111 | - return CURLE_OUT_OF_MEMORY; | ||
112 | + char *tmp_path = aprintf("%s%s", wildcard->path, finfo->filename); | ||
113 | + if(!tmp_path) | ||
114 | + return CURLE_OUT_OF_MEMORY; | ||
115 | |||
116 | - /* switch default ftp->path and tmp_path */ | ||
117 | - free(ftp->pathalloc); | ||
118 | - ftp->pathalloc = ftp->path = tmp_path; | ||
119 | - | ||
120 | - infof(conn->data, "Wildcard - START of \"%s\"\n", finfo->filename); | ||
121 | - if(conn->data->set.chunk_bgn) { | ||
122 | - long userresponse; | ||
123 | - Curl_set_in_callback(conn->data, true); | ||
124 | - userresponse = conn->data->set.chunk_bgn( | ||
125 | - finfo, wildcard->customptr, (int)wildcard->filelist.size); | ||
126 | - Curl_set_in_callback(conn->data, false); | ||
127 | - switch(userresponse) { | ||
128 | - case CURL_CHUNK_BGN_FUNC_SKIP: | ||
129 | - infof(conn->data, "Wildcard - \"%s\" skipped by user\n", | ||
130 | - finfo->filename); | ||
131 | - wildcard->state = CURLWC_SKIP; | ||
132 | - return wc_statemach(conn); | ||
133 | - case CURL_CHUNK_BGN_FUNC_FAIL: | ||
134 | - return CURLE_CHUNK_FAILED; | ||
135 | + /* switch default ftp->path and tmp_path */ | ||
136 | + free(ftp->pathalloc); | ||
137 | + ftp->pathalloc = ftp->path = tmp_path; | ||
138 | + | ||
139 | + infof(conn->data, "Wildcard - START of \"%s\"\n", finfo->filename); | ||
140 | + if(conn->data->set.chunk_bgn) { | ||
141 | + long userresponse; | ||
142 | + Curl_set_in_callback(conn->data, true); | ||
143 | + userresponse = conn->data->set.chunk_bgn( | ||
144 | + finfo, wildcard->customptr, (int)wildcard->filelist.size); | ||
145 | + Curl_set_in_callback(conn->data, false); | ||
146 | + switch(userresponse) { | ||
147 | + case CURL_CHUNK_BGN_FUNC_SKIP: | ||
148 | + infof(conn->data, "Wildcard - \"%s\" skipped by user\n", | ||
149 | + finfo->filename); | ||
150 | + wildcard->state = CURLWC_SKIP; | ||
151 | + continue; | ||
152 | + case CURL_CHUNK_BGN_FUNC_FAIL: | ||
153 | + return CURLE_CHUNK_FAILED; | ||
154 | + } | ||
155 | } | ||
156 | - } | ||
157 | |||
158 | - if(finfo->filetype != CURLFILETYPE_FILE) { | ||
159 | - wildcard->state = CURLWC_SKIP; | ||
160 | - return wc_statemach(conn); | ||
161 | - } | ||
162 | + if(finfo->filetype != CURLFILETYPE_FILE) { | ||
163 | + wildcard->state = CURLWC_SKIP; | ||
164 | + continue; | ||
165 | + } | ||
166 | |||
167 | - if(finfo->flags & CURLFINFOFLAG_KNOWN_SIZE) | ||
168 | - ftpc->known_filesize = finfo->size; | ||
169 | + if(finfo->flags & CURLFINFOFLAG_KNOWN_SIZE) | ||
170 | + ftpc->known_filesize = finfo->size; | ||
171 | |||
172 | - result = ftp_parse_url_path(conn); | ||
173 | - if(result) | ||
174 | - return result; | ||
175 | + result = ftp_parse_url_path(conn); | ||
176 | + if(result) | ||
177 | + return result; | ||
178 | |||
179 | - /* we don't need the Curl_fileinfo of first file anymore */ | ||
180 | - Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL); | ||
181 | + /* we don't need the Curl_fileinfo of first file anymore */ | ||
182 | + Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL); | ||
183 | |||
184 | - if(wildcard->filelist.size == 0) { /* remains only one file to down. */ | ||
185 | - wildcard->state = CURLWC_CLEAN; | ||
186 | - /* after that will be ftp_do called once again and no transfer | ||
187 | - will be done because of CURLWC_CLEAN state */ | ||
188 | - return CURLE_OK; | ||
189 | + if(wildcard->filelist.size == 0) { /* remains only one file to down. */ | ||
190 | + wildcard->state = CURLWC_CLEAN; | ||
191 | + /* after that will be ftp_do called once again and no transfer | ||
192 | + will be done because of CURLWC_CLEAN state */ | ||
193 | + return CURLE_OK; | ||
194 | + } | ||
195 | + return result; | ||
196 | } | ||
197 | - } break; | ||
198 | |||
199 | - case CURLWC_SKIP: { | ||
200 | - if(conn->data->set.chunk_end) { | ||
201 | - Curl_set_in_callback(conn->data, true); | ||
202 | - conn->data->set.chunk_end(conn->data->wildcard.customptr); | ||
203 | - Curl_set_in_callback(conn->data, false); | ||
204 | + case CURLWC_SKIP: { | ||
205 | + if(conn->data->set.chunk_end) { | ||
206 | + Curl_set_in_callback(conn->data, true); | ||
207 | + conn->data->set.chunk_end(conn->data->wildcard.customptr); | ||
208 | + Curl_set_in_callback(conn->data, false); | ||
209 | + } | ||
210 | + Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL); | ||
211 | + wildcard->state = (wildcard->filelist.size == 0) ? | ||
212 | + CURLWC_CLEAN : CURLWC_DOWNLOADING; | ||
213 | + continue; | ||
214 | } | ||
215 | - Curl_llist_remove(&wildcard->filelist, wildcard->filelist.head, NULL); | ||
216 | - wildcard->state = (wildcard->filelist.size == 0) ? | ||
217 | - CURLWC_CLEAN : CURLWC_DOWNLOADING; | ||
218 | - return wc_statemach(conn); | ||
219 | - } | ||
220 | |||
221 | - case CURLWC_CLEAN: { | ||
222 | - struct ftp_wc *ftpwc = wildcard->protdata; | ||
223 | - result = CURLE_OK; | ||
224 | - if(ftpwc) | ||
225 | - result = Curl_ftp_parselist_geterror(ftpwc->parser); | ||
226 | + case CURLWC_CLEAN: { | ||
227 | + struct ftp_wc *ftpwc = wildcard->protdata; | ||
228 | + result = CURLE_OK; | ||
229 | + if(ftpwc) | ||
230 | + result = Curl_ftp_parselist_geterror(ftpwc->parser); | ||
231 | |||
232 | - wildcard->state = result ? CURLWC_ERROR : CURLWC_DONE; | ||
233 | - } break; | ||
234 | + wildcard->state = result ? CURLWC_ERROR : CURLWC_DONE; | ||
235 | + return result; | ||
236 | + } | ||
237 | |||
238 | - case CURLWC_DONE: | ||
239 | - case CURLWC_ERROR: | ||
240 | - case CURLWC_CLEAR: | ||
241 | - if(wildcard->dtor) | ||
242 | - wildcard->dtor(wildcard->protdata); | ||
243 | - break; | ||
244 | + case CURLWC_DONE: | ||
245 | + case CURLWC_ERROR: | ||
246 | + case CURLWC_CLEAR: | ||
247 | + if(wildcard->dtor) | ||
248 | + wildcard->dtor(wildcard->protdata); | ||
249 | + return result; | ||
250 | + } | ||
251 | } | ||
252 | - | ||
253 | - return result; | ||
254 | + /* UNREACHABLE */ | ||
255 | } | ||
256 | |||
257 | /*********************************************************************** | ||
diff --git a/meta/recipes-support/curl/curl/CVE-2020-8286.patch b/meta/recipes-support/curl/curl/CVE-2020-8286.patch new file mode 100644 index 0000000000..8c75cba844 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2020-8286.patch | |||
@@ -0,0 +1,131 @@ | |||
1 | From 5d3b28deac44c19e4d73fc80e4917d42ee43adfe Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Wed, 2 Dec 2020 23:01:11 +0100 | ||
4 | Subject: [PATCH] openssl: make the OCSP verification verify the certificate id | ||
5 | |||
6 | CVE-2020-8286 | ||
7 | |||
8 | Reported by anonymous | ||
9 | |||
10 | Bug: https://curl.se/docs/CVE-2020-8286.html | ||
11 | |||
12 | Upstream-Status: Backport [https://github.com/curl/curl/commit/d9d01672785b] | ||
13 | |||
14 | CVE: CVE-2020-8286 | ||
15 | |||
16 | Signed-off-by: Daniel Stenberg <daniel@haxx.se> | ||
17 | Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | ||
18 | |||
19 | --- | ||
20 | lib/vtls/openssl.c | 83 +++++++++++++++++++++++++++++++++++------------------- | ||
21 | 1 file changed, 54 insertions(+), 29 deletions(-) | ||
22 | |||
23 | diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c | ||
24 | index 1685a4a..22cbfe7 100644 | ||
25 | --- a/lib/vtls/openssl.c | ||
26 | +++ b/lib/vtls/openssl.c | ||
27 | @@ -1777,6 +1777,11 @@ static CURLcode verifystatus(struct connectdata *conn, | ||
28 | X509_STORE *st = NULL; | ||
29 | STACK_OF(X509) *ch = NULL; | ||
30 | struct ssl_backend_data *backend = connssl->backend; | ||
31 | + X509 *cert; | ||
32 | + OCSP_CERTID *id = NULL; | ||
33 | + int cert_status, crl_reason; | ||
34 | + ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd; | ||
35 | + int ret; | ||
36 | |||
37 | long len = SSL_get_tlsext_status_ocsp_resp(backend->handle, &status); | ||
38 | |||
39 | @@ -1845,43 +1850,63 @@ static CURLcode verifystatus(struct connectdata *conn, | ||
40 | goto end; | ||
41 | } | ||
42 | |||
43 | - for(i = 0; i < OCSP_resp_count(br); i++) { | ||
44 | - int cert_status, crl_reason; | ||
45 | - OCSP_SINGLERESP *single = NULL; | ||
46 | - | ||
47 | - ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd; | ||
48 | + /* Compute the certificate's ID */ | ||
49 | + cert = SSL_get_peer_certificate(backend->handle); | ||
50 | + if(!cert) { | ||
51 | + failf(data, "Error getting peer certficate"); | ||
52 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
53 | + goto end; | ||
54 | + } | ||
55 | |||
56 | - single = OCSP_resp_get0(br, i); | ||
57 | - if(!single) | ||
58 | - continue; | ||
59 | + for(i = 0; i < sk_X509_num(ch); i++) { | ||
60 | + X509 *issuer = sk_X509_value(ch, i); | ||
61 | + if(X509_check_issued(issuer, cert) == X509_V_OK) { | ||
62 | + id = OCSP_cert_to_id(EVP_sha1(), cert, issuer); | ||
63 | + break; | ||
64 | + } | ||
65 | + } | ||
66 | + X509_free(cert); | ||
67 | |||
68 | - cert_status = OCSP_single_get0_status(single, &crl_reason, &rev, | ||
69 | - &thisupd, &nextupd); | ||
70 | + if(!id) { | ||
71 | + failf(data, "Error computing OCSP ID"); | ||
72 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
73 | + goto end; | ||
74 | + } | ||
75 | |||
76 | - if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) { | ||
77 | - failf(data, "OCSP response has expired"); | ||
78 | - result = CURLE_SSL_INVALIDCERTSTATUS; | ||
79 | - goto end; | ||
80 | - } | ||
81 | + /* Find the single OCSP response corresponding to the certificate ID */ | ||
82 | + ret = OCSP_resp_find_status(br, id, &cert_status, &crl_reason, &rev, | ||
83 | + &thisupd, &nextupd); | ||
84 | + OCSP_CERTID_free(id); | ||
85 | + if(ret != 1) { | ||
86 | + failf(data, "Could not find certificate ID in OCSP response"); | ||
87 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
88 | + goto end; | ||
89 | + } | ||
90 | |||
91 | - infof(data, "SSL certificate status: %s (%d)\n", | ||
92 | - OCSP_cert_status_str(cert_status), cert_status); | ||
93 | + /* Validate the corresponding single OCSP response */ | ||
94 | + if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) { | ||
95 | + failf(data, "OCSP response has expired"); | ||
96 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
97 | + goto end; | ||
98 | + } | ||
99 | |||
100 | - switch(cert_status) { | ||
101 | - case V_OCSP_CERTSTATUS_GOOD: | ||
102 | - break; | ||
103 | + infof(data, "SSL certificate status: %s (%d)\n", | ||
104 | + OCSP_cert_status_str(cert_status), cert_status); | ||
105 | |||
106 | - case V_OCSP_CERTSTATUS_REVOKED: | ||
107 | - result = CURLE_SSL_INVALIDCERTSTATUS; | ||
108 | + switch(cert_status) { | ||
109 | + case V_OCSP_CERTSTATUS_GOOD: | ||
110 | + break; | ||
111 | |||
112 | - failf(data, "SSL certificate revocation reason: %s (%d)", | ||
113 | - OCSP_crl_reason_str(crl_reason), crl_reason); | ||
114 | - goto end; | ||
115 | + case V_OCSP_CERTSTATUS_REVOKED: | ||
116 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
117 | + failf(data, "SSL certificate revocation reason: %s (%d)", | ||
118 | + OCSP_crl_reason_str(crl_reason), crl_reason); | ||
119 | + goto end; | ||
120 | |||
121 | - case V_OCSP_CERTSTATUS_UNKNOWN: | ||
122 | - result = CURLE_SSL_INVALIDCERTSTATUS; | ||
123 | - goto end; | ||
124 | - } | ||
125 | + case V_OCSP_CERTSTATUS_UNKNOWN: | ||
126 | + default: | ||
127 | + result = CURLE_SSL_INVALIDCERTSTATUS; | ||
128 | + goto end; | ||
129 | } | ||
130 | |||
131 | end: | ||
diff --git a/meta/recipes-support/curl/curl_7.72.0.bb b/meta/recipes-support/curl/curl_7.72.0.bb index 7d0268253d..a9b52a8a1d 100644 --- a/meta/recipes-support/curl/curl_7.72.0.bb +++ b/meta/recipes-support/curl/curl_7.72.0.bb | |||
@@ -7,6 +7,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=2e9fb35867314fe31c6a4977ef7dd531" | |||
7 | 7 | ||
8 | SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | 8 | SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ |
9 | file://0001-replace-krb5-config-with-pkg-config.patch \ | 9 | file://0001-replace-krb5-config-with-pkg-config.patch \ |
10 | file://0002-remove-void-protop-create-union-p.patch \ | ||
11 | file://CVE-2020-8284.patch \ | ||
12 | file://CVE-2020-8285.patch \ | ||
13 | file://CVE-2020-8286.patch \ | ||
10 | " | 14 | " |
11 | 15 | ||
12 | SRC_URI[sha256sum] = "ad91970864102a59765e20ce16216efc9d6ad381471f7accceceab7d905703ef" | 16 | SRC_URI[sha256sum] = "ad91970864102a59765e20ce16216efc9d6ad381471f7accceceab7d905703ef" |